In the wake of the severe Stagefright flaw being discovered, numerous security-savvy experts say they now plan to ditch Android. Is it time for enterprises to start blocking unpatched Android devices?
Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
If SSL goes away today, the Internet needs a security plan B, says Uniken's Chief Security Evangelist, Menny Barzilay. Innovation on the application level is what will restore trust, he believes.
"All I see are more targets for hackers - starting with just mischief and curiosity, leading to crime and other malicious intents," says Anthony Lim of (ISC)². What can leaders do to improve application security?
Enterprise developers are under pressure to produce quickly mobile apps, often leaving security as a second thought. Denim Group's John Dickson suggests ways to make security a priority.
India's burgeoning mobile penetration has led to a massive uptake in app usage. Frenetic development to meet demand has found security ignored. Dhananjay Rokde discusses how this ecosystem functions today.
Application security is not keeping pace with evolving attacks, says Prasenjit Saha, a CEO at the consultancy Happiest Minds Technologies. One problem: lack of a standard, secure coding process in the application development life cycle.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.
With white-hat security researchers gaining increasing mainstream recognition, hacking as a vocation is no longer taboo - and Indian researchers are flocking to the profession, says HackerOne's Katie Moussouris
The Hong Kong regional headquarters of (ISC)² is collaborating with universities across Asia through its Global Academic Program to deliver essential skills to help grow the information security workforce.
US-CERT warns that all Linux distributions should be immediately updated to patch "GHOST," a serious security vulnerability. Attackers could exploit the bug to remotely seize control of a system.
Because of employees' increasing demands to use mobile devices at work, NIST's latest special publication provides organizations with a process to implement a mobile app vetting process.
Adobe confirms that a zero-day flaw exists in its Flash browser plug-in and promises to soon release Windows, Mac and Linux fixes for affected versions of Flash Player. The vulnerability is reportedly already being targeted by in-the-wild attacks.
The OpenSSL Heartbleed bug hasn't died, with recent scans still finding 250,000 Internet-connected systems that remain vulnerable. Security experts recommend enterprises expand their patching efforts to find devices with embedded firmware that contain the flaw.
Last year, a number of application vulnerabilities led to compromises of many organizations' systems, serving as an important reminder that application security is vital to any breach prevention effort. Here, experts offer four app security tips.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
