Mobile banking is growing out of its infancy and experts predict it will soon be the dominant banking and payments channel. With the vast array of endpoints being utilized, and multiple threat vectors being introduced, how are the threats of rogue mobile apps, mobile malware and SMiShing evolving? What vectors are...
Part 1 - Leveraging Global Threat Intelligence to Secure Mobile Banking
To secure our growing dependence on mobile devices, it is critical that we keep a constant eye on the current threat landscape. Only by continuously monitoring and analyzing malicious activity can an appropriate defense be crafted. There are...
As news of the Shellshock bug continues to spread, CISOs in all sectors are taking steps to mitigate the risks posed by the vulnerability. Likewise, regulators and industry groups have ramped up dissemination of alerts.
Attackers have exploited the Shellshock vulnerability - a.k.a. Bash bug - to infect at least 700 Linux systems with malware that includes the ability to launch DDoS attacks. Users of Unix systems are vulnerable.
To mitigate the newly discovered Bash bug - AKA Shellshock - which may make millions of systems vulnerable to remote takeover, organizations must take several key steps, says security expert Alan Woodward.
As more organizations accommodate employees' demands to use mobile devices, ensuring the security of the applications on those smart phones and tablets has become critical. That's why NIST is developing new apps testing guidance.
Attackers increasingly focus on software vulnerabilities in what application security expert Anthony Lim calls "the invisible onslaught." How can the CISO exert more control over software development?
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
Data exfiltration, network breach, identity theft, brand defacement... Enterprises are under attack. Traditional security methods have been unable to keep up with hackers in today's changing application environment. The success of improved network security products together with the increased attack surface...
A hot topic among U.S. federal government security managers and other infosec pros is developing a process to vet mobile applications. The National Institute of Standards and Technology is offering a solution called AppVet.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
