May 17, 2020 | AppSec Classroom, Software Exploits
Many organizations have advanced from the DevOps methodology to DevSecOps, and it is expected this trend will continue throughout 2020 as more enterprises leverage the cloud. A DevSecOps approach promotes collaboration between software application development teams...
Feb 6, 2019 | Software Exploits
One hundred percent—all of the applications tested by Positive Technologies—had some kind of vulnerability. You might think, “Yeah, but how many of those were real, critical vulnerabilities?” Well, 94 percent of web applications tested contained a high-severity...
Dec 13, 2018 | News, Software Exploits
Web application attacks are on the rise. A recent study found that they were the primary cause of reported breaches in 2017 and Q1 2018. This marked increase is partly due to the greater variety in web application vulnerabilities, as new attack vectors are found and...
Oct 22, 2018 | Security Threats, Software Exploits, Software Vulnerabilities
Continuous Integration (CI) and Continuous Delivery (CD), or CI/CD, are part of the Agile and DevOps approach to software development. The most prominent aspect of Agile development—and its most important rule—is that it requires software development to be responsive...
Mar 25, 2015 | Software Exploits
Many Android devices are susceptible to “Android Installer Hijacking” attacks that have the potential to compromise devices and give illegitimate apps access to sensitive data. This type of attack exploits a vulnerability called “Time-of-Check to Time-of-Use...
Dec 10, 2014 | Software Exploits
Shellshock reared its ugly on September 24, 2014 when Stephane Chazelas discovered the bug that is also referred to as Bash Bug or Bashdoor. Its name(s) comes from the fact that this bug affects the Unix Bash shell, which provides an interface for the UNIX operating...
Nov 18, 2014 | Software Exploits
A pattern is definitely starting to become apparent in recent data breaches. It starts with banks discovering fraudulent activity on their customers’ credit cards and informing security expert and investigative reporter, Brian Krebs, of KrebsonSecurity.com. He then...
Nov 18, 2014 | Software Exploits
More than one million websites are running on Drupal worldwide. So when a security threat is announced regarding this popular open-source content management platform, website administrators around the globe start to scramble. Websites such as the San Francisco...
Nov 1, 2014 | Software Exploits
The discount retailer known for their Blue Light Specials has been added to the increasingly long list of companies in 2014 that have experienced serious data breaches. On October 9, 2014 Kmart’s IT team discovered that its payment data systems were hacked. They...
Oct 15, 2014 | Software Exploits
Known for its delicious frozen treats, the Dairy Queen restaurant chain joins the unenviable group of major retailers that has been hacked. On October 9, 2014, the same day Kmart announced its data breach, Dairy Queen notified its customers that 394 of its 4,500...
