Category Archives: Application Security

DDoS Attacks – A Mainstream Occurrence and Disruption to Your Business

Corero recently partnered with John Pescatore, Director of Emerging Security Trends with the SANS Institute in developing a survey program designed to shed more light on organizations’ experiences with DDoS attacks. What we uncovered does not come as a surprise to those well entrenched in the DDoS defense space. The results continue reinforce the need for businesses to build and execute … Read more

Posted in Application Security, DDoS, Network Security, Security Threats | Tagged , , | Leave a comment

National Cybersecurity Career Fair in June Will Connect Employers to Entry Level Cybersecurity Workers

Do you know anyone who is an aspiring cyber security professional? Here is some important information to pass along to help them get their career started. This is also big news if your organization is looking to recruit entry-level people for IT security positions. Coming up this June 18 and 19, 2014, Cyber Aces is presenting the first National Cybersecurity … Read more

Posted in Application Security, Cloud Security, Data Protection, Governance, Risk and Compliance, Mobile Security, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , | Leave a comment

Cybersecurity in the U.S. Healthcare System is in Critical Condition and Needs Intensive Care

Last fall my husband was visiting a relative in the hospital when he noticed an Ethernet port on the side of the bed. He asked the nurse what the hospital uses the port for. She explained that they occasionally connect patient-monitoring devices to the port on the bed to facilitate transmission of alerts to the nurses’ station. For example, if … Read more

Posted in Application Security, Data Protection, Governance, Risk and Compliance, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , , , , | Leave a comment

Attack of the Month Video Blog Series: Application Layer DDoS Attacks

Happy Valentine’s Day everyone. For the LOVE of DDoS defense, I’m pleased to share with you another video blog, this time focused on Application Layer attacks. Today’s 5 minute session I will cover Application Layer attacks in more detail: What are these attacks? Why are they an emerging threat, or continue to be a successful attack tool? What is the … Read more

Posted in Application Security, Data Protection, Network Security, Security Management, Security Threats, Uncategorized | Leave a comment

A new generation of IT security solutions for an evolving threat landscape

I recently had a chat with Manish Gupta, senior vice president of products at security vendor FireEye. Gupta described how the IT threat landscape has changed dramatically over the last three or four years, and how this has rendered legacy security solutions rather weak. This means that a new generation of IT security solutions has to be developed to counter … Read more

Posted in Application Security, Cloud Security, Mobile Security, Network Security, Security Threats, Uncategorized | Tagged , , , , | Leave a comment

A must-read report for everyone involved in software development: “The State of Application Security”

If you have any role at all regarding security in the application development process – especially a leadership role that oversees development – you simply must read a new report by the Ponemon Institute and the application security company Security Innovation. You’ll find “The State of Application Security” here. (Behind registration form) To me, this report is absolutely alarming. The … Read more

Posted in Application Security, Data Protection, Governance, Risk and Compliance, Network Security, Uncategorized | Tagged , , | Leave a comment

“Jekyll App” Beats IOS Security Measures

Researchers at Georgia Institute of Technology say they have developed what they call a “Jekyll app” for iOS devices that bypasses Apple’s security measures and can be used for a range of malicious purposes from sending tweets and dialing numbers to operating the camera. In a paper presented this month at the USENIX Security Symposium in Washington, D.C., the researchers say … Read more

Posted in Application Security, Network Security, Security Management, Uncategorized | Tagged , | Leave a comment

Android Master Key Malware Surfaces in China

The first known malware to exploit the Android master key vulnerability described by BlueBox Security has been found in an application market based in China, a McAfee researcher reported this week. Mobile malware researcher Daisuke Nakajima said the app used the vulnerability to hide the malicious classes.dex from Android’s package signature verification. “This vulnerability allows an attacker to inject malicious … Read more

Posted in Application Security, Mobile Security, Security Management, Security Threats, Uncategorized | Tagged , , , , | Leave a comment

I Spy With My Little Eye…A Scam!

If someone offered you the opportunity to secretly read your friends’ instant messages without being detected, would you want to do that? You could spy on your significant other, or your friends and coworkers—and no one would be the wiser. All you have to do is go to a discreet website and provide your cell phone number so you can … Read more

Posted in Application Security, Security Threats, Uncategorized | Tagged , , , , | Leave a comment

What To Do When Ransomware Holds a PC Hostage

In my previous post, I talked about ransomware locking a user out from his PC. This article is geared toward the IT professional who may be called upon to attempt to unlock the PC and clean up the mess the malware leaves behind. For the advice below, I consulted with John Harrison, Group Manager at Symantec Security Response. His team … Read more

Posted in Application Security, Network Security, Security Threats, Uncategorized | Tagged , , , , | 1 Comment