Attackers increasingly focus on software vulnerabilities in what application security expert Anthony Lim calls "the invisible onslaught." How can the CISO exert more control over software development?
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
We've been talking about shifting away from legacy mag-stripe technology and a move toward EMV chip cards for the last decade in the U.S. So is it too late, or is there still hope for EMV?
Security executives who attended ISMG's Fraud Summit Chicago said they see a growing need for sharing more cyber-intelligence with community banks and credit unions. But how else could smaller institutions improve their fraud-fighting efforts?
For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
A hot topic among U.S. federal government security managers and other infosec pros is developing a process to vet mobile applications. The National Institute of Standards and Technology is offering a solution called AppVet.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
The rise in usage of mobile devices has also come with a commensurate rise in application risk. View this webinar to find out how to make mobile app security a priority and tame the chaos.
Leading today's RSA Conference 2014 industry news roundup, Thycotic announces RSA survey results, while Freescale Semiconductor announces support for software.
Cisco has launched a new open source initiative focused on application identification, says Scott Harrell, vice president of the company's security business group.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.