In the wake of the discovery of the serious Android Stagefright flaws, which affect an estimated 950 million devices, security researchers reveal that they discovered yet another Stagefright flaw - and that Google's initial fix could be exploited.
The Windows 10 Home edition being released by Microsoft includes on-by-default cloud services that may pose "bring your own device" risks to organizations, F-Secure security expert Sean Sullivan warns.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
The APT gang known as Darkhotel quickly tapped a Hacking Team exploit for Flash, Kaspersky Lab reports. But the gang's ongoing trickery shows that organizations must do more than just patch against the latest threats.
Given that hacking is an everyday threat to most organizations, reliable security depends on understanding the exposure, weaknesses and threats that could lead to a breach in the defences, says PWC's Wouter Veugelen.
The Black Hat conference features presentations that have already led to very public warnings about remotely hackable flaws in everything from Jeep Cherokees and Linux-powered rifles to Android mobile devices and Mac OS X.
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
"All I see are more targets for hackers - starting with just mischief and curiosity, leading to crime and other malicious intents," says Anthony Lim of (ISC)Â². What can leaders do to improve application security?
India's burgeoning mobile penetration has led to a massive uptake in app usage. Frenetic development to meet demand has found security ignored. Dhananjay Rokde discusses how this ecosystem functions today.
Application security is not keeping pace with evolving attacks, says Prasenjit Saha, a CEO at the consultancy Happiest Minds Technologies. One problem: lack of a standard, secure coding process in the application development life cycle.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.
With white-hat security researchers gaining increasing mainstream recognition, hacking as a vocation is no longer taboo - and Indian researchers are flocking to the profession, says HackerOne's Katie Moussouris