Here’s Why Even Official Public App Stores Can’t Be Trusted

One of the first rules of protecting end user devices has always been “Install anti-virus software and keep it up to date.” Even as people have shifted from laptops and desktops to more mobile devices like smart phones and tablets, security experts Continue Reading →

“Jekyll App” Beats IOS Security Measures

Researchers at Georgia Institute of Technology say they have developed what they call a “Jekyll app” for iOS devices that bypasses Apple’s security measures and can be used for a range of malicious purposes from sending tweets and dialing numbers to operating the Continue Reading →

Report: 86% Of All Vulnerabilities Found In Third-Party Programs; SCADA At Particular Risk

Go ahead, patch those Microsoft products all you want. It won’t necessarily make you impervious to attack, according to a new report. A vulnerability review, issued last week by the vulnerability management company Secunia, found that 86 percent of vulnerabilities discovered in Continue Reading →

That Really Cool App You Put on Your Smart Phone is Probably Collecting All Sorts of Information – and You Don’t Even Know It

A few weeks ago I warned that mobile applications may not behave the way that users expect them to. (See “App Happy Downloaders May Get More Than They Expect.”) As a follow-up to that post, I talked more in-depth with Domingo Guerra, Continue Reading →

App Happy Downloaders May Get More than They Expect

On January 7, Apple announced that customers have downloaded over 40 billion apps, with nearly 20 billion in 2012 alone. The App Store has over 500 million active accounts and had a record-breaking December with over two billion downloads during the month. Continue Reading →

Web Application Vulnerability Statistics Report Released

The exploitation of web application vulnerabilities continues to be one of the leading causes of enterprise data loss, and even in the wake of numerous high profile and well publicized breaches, many organizations have failed to address the most common application flaws, Continue Reading →

Enterprise Accounting Systems Vulnerable to Hacker Mayhem

Hackers have long targeted systems that hold sensitive and proprietary enterprise data with the intent to make a buck on the black market, but a new exploit proof-of-concept unveiled at the Black Hat security conference in Abu Dhabi on December 6 reveals Continue Reading →

SMS Spoofing Attack Leaves Twitter Users Vulnerable

We’ve all seen them. The unsolicited Tweet, direct message, or Facebook posting from a reputable colleague or personal contact that is undoubtedly the result of a compromised account, sometimes utilized for by cybercriminals for general spamming purposes and other times part of Continue Reading →

BYOD, APTs and Applications Top Endpoint Security Concerns

As the information technology landscape changes with the advent of new products and services being adopted by organizations, so do the threat vectors that demand the most attention. According to a new study commissioned by Lumension and conducted by the the Poneman Continue Reading →

Researchers Find More Widespread SSL Vulnerabilities

What is a critical security feature in an application worth if it doesn’t provide any security? Not much, according to researchers who uncovered widespread and very exploitable vulnerabilities in Secure Sockets Layer (SSL) implementations during their examination of a selection of non-browser Continue Reading →