Despite a big push over the past few years to use encryption to combat security breaches, lack of expertise among developers and overly complex libraries have led to widespread implementation failures in business applications.
Government organizations are struggling when it comes to securing the computer software they use, which could partially explain the large data breaches reported in that sector over the past several years.
In the latest blow to Internet of Things (IoT) security, an analysis of smart home devices has found flaws that could give attackers access to sensitive data or allow them to control door locks and sensors.
The average large global enterprise has about 2,400 unsafe apps on the mobile devices in its environment, according to a new study from mobile security vendor Veracode.
In today's world of agile software development and fast release cycles, developers increasingly rely on third-party libraries and components to get the job done. Since many of those libraries come from long-running, open-source projects, developers often assume they're getting well-written, bug-free code. They're wrong.
Target has named veteran IT executive Bob DeRodes as its CIO and is tasking him with taking the $73 billion retailer in a new technology direction following the mammoth data breach that it disclosed late last year. The breach resulted in information being stolen from 70 million payment card users and prompted the resignation of CIO Beth Jacob.
Microsoft on Monday expanded its $100,000 bounty program, and will accept reports of in-the-wild attacks that demonstrate new techniques of bypassing Windows' anti-exploit technologies.
Hardly a day goes by without a new security threat emerging. Traditional security tools aren't always up to the task of keeping sensitive business information in safe hands. These six innovations will help you stay a step ahead.
Cross-site scripting flaws are the most prevalent vulnerabilities found in Web applications, posing a risk to data and intellectual property, according to a study of thousands of applications by vendor Veracode.
The Lulzsec hacking group continues to cause headaches for IT staffers. On Monday it published data it obtained from servers belonging to the U.S. Senate and Bethesda Softworks, a Rockville, Maryland, game maker.
Security developers are one of the two software sectors most likely to write insecure code, an analysis of applications submitted to code-testing outfit Veracode has found.
The use of third-party code in applications represents a big security risk for companies, according to a study from security vendor Veracode.
Outsourced software is a hotspot for the sort of hidden security problems that leave applications vulnerable, an analysis by code testing outfit Veracode has warned.