Category Archive for "Web Security"
Third-party Web UI for Docker has major security flaws
DockerUI, a third-party Web interface for the popular software containerization system, has “multiple persistent [security] vulnerabilities,” according to research conducted by Vulnerability Lab. Vulnerability Lab reported two separate issues in the most recent build of DockerUI, 0.10.0. Although still in beta, it…
Microsoft details changes to the schedule for Office updates
Earlier this week, Microsoft made an official announcement that Office patches — previously released on Patch Tuesday — would henceforth appear in two groups. Non-security patches would released be on the first Tuesday of the month, security patches would appear…
With all eyes on security, talent shortage sends salaries sky high
Jason Hoffman started his career as an internal auditor, but after seven years he was ready to leave the job he was “really good at” and try something different. The transition to security more than 18 years ago “was probably…
Microsoft UWP boosts security for Windows apps
Microsoft’s renewed focus on Universal Windows Platform (UWP) is about more than an improved user experience or an attempt to get additional apps into the Windows Store. UWP moves Windows application development closer to a more secure ecosystem where Windows…
5 dev tools for better code security
5 dev tools for securing your code Image by geralt via pixabay Information security is of paramount importance these days, and there is no better place to start securing systems and data than in the software development process itself. To…
Custom-developed Dripion backdoor used for targeted attacks in Asia, U.S.
A new custom-developed backdoor program has been used in highly targeted attacks against organizations from Taiwan, Japan, South Korea, and the United States over the past year. Malware researchers from Symantec first came across the program, which they’ve named Dripion,…
Security Sessions: How to transition from tech professional to a business leader
Many security pros came up through the career ranks with a solid tech background. But security leadership demands more business acumen and expertise today. Lorna Koppel, Direction of Information Security for Tufts University, has been through this process in her…
CNBC just collected your password and shared it with marketers
CNBC inadvertently exposed peoples’ passwords after it ran an article Tuesday that ironically was intended to promote secure password practices. The story was removed from CNBC’s website shortly after it ran following a flurry of criticism from security experts. Vice’s…
Free Bitdefender tool prevents Locky, other ransomware infections — for now
Antivirus firm Bitdefender has released a free tool that can prevent computers from being infected with some of the most widespread file-encrypting ransomware programs: Locky, TeslaCrypt, and CTB-Locker. The new Bitdefender Anti-Ransomware vaccine is built on the same principle as…
FBI hack may raise questions about iPhone security
The FBI hack of an iPhone 5c running iOS 9 may have left the device just a little bit insecure in the eyes of some users, as the agency has not provided details of how it was able to access…