Posted in Application Security, IBM, Microsoft Office, Microsoft Windows, Patch Management, security, security management, Vulnerability Assessment on December 14th, 2011 by InfoWorld Tech Watch
In 2011 the number of critical vulnerabilities in Microsoft software fell to its lowest level in six years. In addition, data from IBM shows fewer vulnerabilities overall are being exploited by security researchers and attackers.
Posted in Application Security, IBM, Microsoft Office, Microsoft Windows, Patch Management, security, security management, Vulnerability Assessment on December 14th, 2011 by InfoWorld Tech Watch
In 2011 the number of critical vulnerabilities in Microsoft software fell to its lowest level in six years. In addition, data from IBM shows fewer vulnerabilities overall are being exploited by security researchers and attackers.
Posted in Application Security, IBM, Microsoft Office, Microsoft Windows, Patch Management, security, security management, Vulnerability Assessment on December 14th, 2011 by InfoWorld Tech Watch
In 2011 the number of critical vulnerabilities in Microsoft software fell to its lowest level in six years. In addition, data from IBM shows fewer vulnerabilities overall are being exploited by security researchers and attackers.
Posted in Anti-Spyware, Application Security, security, Web Security on December 12th, 2011 by InfoWorld Tech Watch
Programmers have a strong sense of ownership for the software they create.
Posted in Application Development, Application Security, Cyber Crime, Malware, security on November 17th, 2011 by InfoWorld Tech Watch
Signed code has become one of the common measures used to secure various computing platforms. Relatively young operating systems -- such as Apple's iOS and Google's Android -- require that all code be signed using a valid developer signature.
Posted in Application Development, Application Security, Java Programming, security on November 15th, 2011 by Roger A. Grimes
There's no denying the popularity of Java, as evidenced by its ubiquity on home and work systems worldwide. But it's easy for computers -- both in homes and at organizations -- to have multiple versions of Java installed, thus exposing those systems to security exploits. IT admins need to do a better job of closing those holes. One critical step, which I've recommended for years, is for admins and users to update to the most recent version of Java (applications permitting) and to remove all other existing versions.
Posted in Application Security, Authentication, security, Security Standards, Vulnerability Assessment, Web Security on November 8th, 2011 by Roger A. Grimes
Microsoft has taken the unusually bold step of revoking the Windows Root Certificate Program's trust in a specific certification authority (CA), and the same CA is being blacklisted by browser makers Mozilla and Opera.
Posted in Application Development, Application Security, security on October 11th, 2011 by Roger A. Grimes
The Apache Software Foundation rolled out a patch last week to fix an Apache Server reverse-proxy vulnerability that allowed malicious hackers to access protected folders. Whether or not your organization runs Apache, the incident serves as a great reminder of the importance of performing vulnerability testing -- not just on the code you write in-house but that of third-party offerings as well.
Posted in Application Development, Application Security, security on October 11th, 2011 by Roger A. Grimes
The Apache Software Foundation rolled out a patch last week to fix an Apache Server reverse-proxy vulnerability that allowed malicious hackers to access protected folders. Whether or not your organization runs Apache, the incident serves as a great reminder of the importance of performing vulnerability testing -- not just on the code you write in-house but that of third-party offerings as well.
Posted in Anti-virus, Application Development, Application Security, Applications, Free Tools, Internet, Internet Privacy, Open-Source Software, security, Web Development on July 25th, 2011 by lblackwelder
Music to c0d3 too: