Blog Posts Tagged with "applications"

37d5f81e2277051bc17116221040d51c

Five Security Considerations for a Mobile Phone

August 18, 2011 Added by:Robert Siciliano

Mobile users have recently captured the attention of cyber criminals. The Department of Homeland Security and the STOP. THINK. CONNECT. program recommends the following tips to help you protect yourself and to help keep the web a safer place for everyone...

Comments  (0)

4e21f96122846f32545687ad42b271e2

Agnitio v2.0 and Mobile Apps

August 17, 2011 Added by:Security Ninja

Regardless of the resource exposure based on the arguments to the creation function, malicious applications or malicious users that have root access to the device will be able to read or write to anything on the device. Truly sensitive data should never be stored on the device itself...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Mobile Payment Application PA-DSS Cert Clarification

August 02, 2011 Added by:PCI Guru

The PCI SSC has stated in this latest clarification that Category 1 and 2 applications and devices can continue through the certification process. These mobile applications have been explicitly called out even though they have been part of the certification process in the past...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Most Important Security Question Ever Asked

June 01, 2011 Added by:Rafal Los

I've been learning a lot lately from one of my senior colleagues who's been doing this software security assurance thing much longer than I have, and the more time I spend with him the more I understand that it all comes down to one very simple question: Why?

Comments  (5)

0a8cae998f9c51e3b3c0ccbaddf521aa

Security on Mobile Payment Terminals via Consumer Devices

May 16, 2011 Added by:Rafal Los

The reality of the situation is that we don't have any good answers. I've been looking unsuccessfully for some type of guidance that doesn't rely on the underlying mobile OS to protect the application - but that's really a fool's errand anyway...

Comments  (1)

37d5f81e2277051bc17116221040d51c

Mobile Phone Operating System Insecurity

April 26, 2011 Added by:Robert Siciliano

Research is primarily geared towards securing mobile payments, and there is a lack of coordination between mobile payment developers, device manufacturers, and mobile operating system platform developers. Hackers are taking advantage of the loophole created by this lack of coordination...

Comments  (1)

4c1c5119b03285e3f64bd83a8f9dfeec

Forklifting Apps to the Cloud – Realistic or Not?

April 17, 2011 Added by:Ben Kepes

Aspects of this discussion are little more than cloud elites arguing finer points. There are some issues in the message used to justify the cloud to enterprises. We need to have a consistent story about what the cloud really means for an enterprise – something that is sadly lacking today...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Software Security Assurance in a "One Man Show"

April 15, 2011 Added by:Rafal Los

Down-scaling an enterprise security challenge into a smaller fit is more of a challenge than you'd think, because it's just too easy to say 'outsource it all'... but how does that actually help an organization write more secure software? The answer is that it doesn't...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Commodity Clouds for Enterprise: Inside the Economics

April 05, 2011 Added by:Ben Kepes

Unfortunately, in the light of what can only be called FUD on the part of more traditional vendors, it is natural that those building clouds in the most efficient (read cheapest) of ways, fight back against some of that spin...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

LinkedIn Sued for Disclosing User IDs to Advertisers

March 31, 2011 Added by:Headlines

Referrer headers sent to the third parties contain a unique identifier that is associated with a cookie issued by LinkedIn. The suit maintains that this practice reveals sensitive information regarding the referring member's browsing habits and history...

Comments  (0)

11146d62a6c31fb9fac8ac8ac991e08d

Secure Coding: Missing the Goal

March 29, 2011 Added by:Andy Willingham

If we continue to allow poor coding practices then we will always be behind the curve and playing catch-up with the hackers. I know code will always have errors and vulnerabilities in it just as infrastructure and other areas where we implement protections will always have their shortcomings...

Comments  (1)

F520f65cba281c31e29c857faa651872

Cloud in the Enterprise is Far from a Reality

March 23, 2011 Added by:Rahul Neel Mani

IFS Applications are built on the principle of open architecture, allowing other applications to access information and invoke functionality. Total solution integration ensures free flow of information whatever combination of software one uses. Both the services layer and application core are accessible...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Social Networkers Blindly Joining "Connect.me"

March 09, 2011 Added by:Headlines

Users are asked to allow the service's application to interface with their LinkedIn, Facebook, and Twitter accounts. According to Cluley's research, potentially thousands of people have already done so. The problem is, no one is entirely sure what Connect.me is...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Implementing Complex Systems for Testing Application Logic

March 07, 2011 Added by:Rafal Los

Creating a system or a testing framework which can appropriately enable a previously entirely manual process is tricky - and while fully automating the finding of logic flaws may still be beyond our reach the research and ideas presented herein are steps forward to that direction...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Five Tips to Keep Your Android Phone Secure

March 04, 2011 Added by:Headlines

Whenever you download or update an app, you are given a list of permissions for that app. That alarm clock app you are looking at probably shouldn't need to be looking through your contacts. The general rule of thumb is if an app is asking for more than it does, you should probably skip it...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Attackers Utilize Emerging Technologies

March 01, 2011 Added by:Headlines

"Attackers know the limits of traditional security solutions, but they are also very good at taking advantage of emerging technologies and new vectors for attack. Standalone user applications, social engineering attacks, and the move to HTTPS all have the potential to introduce new threats"...

Comments  (0)

Page « < 1 - 2 - 3 > »