Vulnerabilities

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.

Adobe’s CSO talks security, the 2013 breach, and how he sets priorities

Brad Arkin has led Adobe's new approach to security and aims to make sure one of history’s biggest data breaches doesn’t happen again.

MS Office vulnerabilities, unexplained outage puts Microsoft in a tough spot

The biggest software company in the world, Microsoft has had a rough month with significant spikes in targeted malware attacks and an out-of-the-blue Office 365 outage that threw enterprises out of gear all over the globe. 

Cybersecurity remains biggest barrier to fintech, banking sector partnerships in APAC

Lack of cybersecurity safeguards in fintech companies has raised serious concerns, especially with the implementation of EU’s GDPR in May 2018.

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

Cisco broadens Tetration security delivery with cloud, virtual buying options

Cisco's Tetration-V and Tetration-SaaS give businesses interested in the security-analytics platform the option of a cloud service or software that runs on virtual appliances.

More cyber criminals turn towards mining cryptocurrencies: Kaspersky

The experts at Kaspersky Lab found evidence showing that criminals are adding mining capacities into legitimate applications and spreading them under the guise of football broadcasting and VPN applications

5 myths of API security

In light of Panera Bread’s API-related data breach, here what is — and isn’t — true about protecting application programming interfaces.

What hackers do: their motivations and their malware

Whether a hacker uses a computer exploit or malware, their motivations are the same. Understanding why and how hackers hack is key to your defense.

Drupal CMS bug may leave a million websites compromised

Drupal releases fixes for the vulnerabilities on its Drupal 7.x and 8.x versions, to offset vulnerabilities that could compromise a million websites powered by the affected versions.

In the face of rampant threats, learn, implement and adapt: S Srikanth, TVS Motor

People need to understand the business and reputational impact of a data breach, says S. Srikanth, head of information security at TVS Motor Company.