One hundred percent—all of the applications Positive Technologies tested—had some kind of vulnerability. You might think, “Yeah, but how many of those were real, critical vulnerabilities?” Well, ninety-four percent of web applications tested contained a high-severity software flaw. Eighty-five percent of those same applications contained at least one confirmed, exploitable vulnerability.
Web application attacks are on the rise. A recent study found that they were the primary cause of reported breaches in 2017 and Q1 2018. This marked increase is partly due to the greater variety in web application vulnerabilities, as new attack vectors are found and exploited.
Continuous Integration (CI) and Continuous Delivery (CD), or CI/CD, are part of the Agile approach to software development. The most prominent aspect of Agile development—and it’s most important rule—is that it requires software development to be responsive to change through an iterative process.
Many Android devices are susceptible to “Android Installer Hijacking” attacks that have the potential to compromise devices and give illegitimate apps access to sensitive data. This type of attack exploits a vulnerability called “Time-of-Check to Time-of-Use...
Shellshock reared its ugly on September 24, 2014 when Stephane Chazelas discovered the bug that is also referred to as Bash Bug or Bashdoor. Its name(s) comes from the fact that this bug affects the Unix Bash shell, which provides an interface for the UNIX operating...
A pattern is definitely starting to become apparent in recent data breaches. It starts with banks discovering fraudulent activity on their customers’ credit cards and informing security expert and investigative reporter, Brian Krebs, of KrebsonSecurity.com. He then...
More than one million websites are running on Drupal worldwide. So when a security threat is announced regarding this popular open-source content management platform, website administrators around the globe start to scramble. Websites such as the San Francisco...
The discount retailer known for their Blue Light Specials has been added to the increasingly long list of companies in 2014 that have experienced serious data breaches. On October 9, 2014 Kmart’s IT team discovered that its payment data systems were hacked. They...
Known for its delicious frozen treats, the Dairy Queen restaurant chain joins the unenviable group of major retailers that has been hacked. On October 9, 2014, the same day Kmart announced its data breach, Dairy Queen notified its customers that 394 of its 4,500...