Salesforce says it has nearly recovered from a botched database update that wiped out user permissions within its Pardot marketing management product on Friday. The error allowed Salesforce users access to previously restricted profiles.
The lack of secure coding is a pervasive and serious threat to national security, according to a new paper from the Institute for Critical Infrastructure Technology. In an interview, Rob Roy, co-author of the report, outlines what steps should be taken to encourage or enforce secure coding practices.
Application Shielding Considered Must-Have Protection
By 2020, 30% of enterprises will use application shielding to protect at least one of their mobile, IoT and JavaScript critical applications, up from 5% today, according to Gartner's latest Market Guide for Application Shielding.
The evolving threat landscape,...
Newly discovered microarchitectural data sampling flaws in Intel processors - collectively dubbed "ZombieLoad" - could be exploited to steal private data from PCs and servers, including shared cloud environments. Intel, Microsoft, Apple and others have begun to ship patches designed to help mitigate the problems.
While cloud computing offers many advantages, a major disadvantage has been security, because data physically resides with the cloud service provider (CSP) and out of the direct control of the owner of the data. For enterprises that elect to use encryption to protect their data, securing their encryption keys is of...
Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their phone - and then alter call logs to hide attack traces is "a bit of a nightmare scenario," says cybersecurity expert Alan Woodward.
Application Security can't continue to be the responsibility of just security experts anymore. After all, anyone can code! And while there are certainly best practices, there is no one-size-fits all. A reasonably designed and executed program should make everyone's job easier.
Join this session for first-hand insight...
A Chinese hacking group was using exploits and tools developed by the NSA months before the tools were released by another group, Symantec says in a new report. The surprising report deepens the mystery around an extraordinary situation in which the U.S.'s most effective cyberweapons were compromised.
With today's challenges from an increasingly hostile threat landscape, combined with a lack of people, expertise, and budget, organizations are driving toward optimizing their SIEM and SOAR solutions in order to get the highest return their investment. Of the greatest areas of unmet need with SIEM and SOAR solutions,...
New exploits released online that target long-known configuration weaknesses in SAP's NetWeaver platform could pose risks to payroll, invoicing and manufacturing processes, according to researchers at Onapsis. As many as 50,000 companies could be vulnerable.
Federal regulators and medical device maker Philips have issued alerts about a security vulnerability in the company's Tasy electronic medical records system that could put patient data at risk. How common is this type of vulnerability?
The U.S. Department of Homeland Security is requiring that federal agencies speed up patching and remediating "critical" and "high" software vulnerabilities. Security experts say this change is long overdue. But does it go far enough?
Do you know how attackers can move once they're inside your network? The access footprint changes constantly as users log on and off, restart systems, change roles, and access resources. Until now, these conditions have only been visible when skilled analysts inspect individual systems. Attack Surface Manager reveals...
Every organization has systems that can't be secured well enough - perhaps because they can't be patched in a timely manner, can't provide data for monitoring, or aren't compatible with standard security tools. When unsecurable systems support mission-critical processes or hold valuable data, cyberattackers are adept...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.