
NEWS & INDUSTRY UPDATES

A new type of CAPTCHA system introduced by Google is efficient in preventing spam and abuse, and makes it easy for users to verify that they are human.
Google released two new security tools designed to help Google Apps users protect their accounts.
Docker, a platform used to build, ship, and run distributed applications, has been updated to version 1.3.2 to address two critical vulnerabilities.
Thousands of backdoored plugins and themes for popular content management systems (CMS) are being leveraged by a threat group to abuse Web servers on a large scale.
Radware has launched a new hybrid solution designed to help enterprise organizations detect and protect against sophisticated and volumetric DDoS attacks.
WordPress 4.0.1 fixes several vulnerabilities, including a critical flaw that could have been exploited to compromise websites.
Drupal 6.34 and Drupal 7.34 were released to address multiple moderately critical vulnerabilities affecting prior versions.
The creators of the jQuery Validation Plugin have fixed a vulnerability in a demo component that was first reported to them more than three years ago.
Researchers claim that a new attack method can be leveraged to silently modify the digital ballots used in the Internet voting process.
Microsoft has acquired Israeli cyber security startup Aorato, a company focused on protecting Active Directory deployments.

FEATURES, INSIGHTS // Application Security


Michael Callahan: The threats that companies face will continue to accelerate. And while that might seem like a very obvious and not so insightful observation, the devil is in the details. Here are the trends both in the threats and how we will respond to them in 2014.
Michael Callahan: There are several steps companies can take on the server side to identify and disrupt brute force attacks.
Michael Callahan: There’s more than functionality and availability issues ailing Healthcare.gov. There’s significant potential for compromise.
Nimmy Reichenberg: There are numerous financial and operational reasons to make the move to a private, public or hybrid cloud, but you must understand the impact on applications.
Tal Be'ery: In this column, Tal explores the recent trend of hackers abusing the target’s Web application in order to launch an attack on the datacenter.
Michael Callahan: While obscuring website code, server architecture, and security mechanisms doesn’t provide bullet-proof security on its own, it is actually pretty effective.
Nimmy Reichenberg: Critical applications fuel the business, yet oftentimes there is a disconnect between the business requirements and the security policy. Aligning the two will ultimately improve security and allow IT to keep up with the dynamic needs of the business.
Nimmy Reichenberg: Today’s businesses must be able to rapidly adapt to changing market conditions – to support a new venture, merger/acquisition, etc. As business needs change, so too must the underlying security policies.
Marc Solomon: To understand today’s array of threats and effectively defend against them, IT security professionals need to start thinking like attackers.
Mark Hatton: There is a term currently permeating the security industry that distracts everyone from the larger goals at hand of making networks safer, mitigating threats and protecting critical data. The term is hype.