Researchers: SAP Point-of-Sale systems vulnerable to attack

There are many ways hackers can exploit vulnerabilities to get the information they want. Flaws in Point-of-Sale (PoS) systems are on this list, and ERPScan researchers recently found that PoS software distributed by German vendor SAP is missing crucial checks, leaving it vulnerable to unauthorized access and modification. A video demonstration by the research team shows a … continue reading

SD Times GitHub project of the week: Awesome Hacking

When we hear the word hacker today, our minds often wander. We end up picturing a creepy person in dark clothing, in a dark room, maliciously gaining unauthorized access to systems in corporations and governments. While hacker is synonymous with “criminal” or “bad-guy/girl,” there are all kinds of hackers in the hacker community. A trending GitHub … continue reading

Have I been Pwned? PyTorch v0.2.0, and new vulnerability data from Netsparker — SD Times news digest: August 7, 2017

Troy Hunt, a Microsoft regional director and security guru, released 320 million freely downloadable “Pwned Passwords” to shed light on how many real-world passwords have been exposed in data breaches. The service was created after NIST released guidance recommending that user-provided passwords be checked against existing data breaches. “My hope is that an easily accessible … continue reading

Apollo Server 1.0, GitHub’s Internet Bug Bounty donation, and the Google Cloud Platform — SD Times news digest: July 21, 2017

A new GraphQL server is now available for all Node.js frameworks. Apollo Server is an open-source GraphQL server that is community-maintained and works across Express, Connect, Hapi, Koa, AWS Lambda, Restify and Micro. The Apollo team announced version 1.0 of the server this week. It is built for the community, for simplicity and for performance. … continue reading

Distil introduces API security solution to defend against bots

Distil Networks is protecting the web from malicious bots with its newly announced Bot Defense for API solution. Bot Defense is designed to prevent malicious bots from accessing the API servers powering public-facing websites and mobile apps. “While usage of APIs to drive web and mobile apps is exploding, the security of those APIs remains … continue reading

Digital Experience: All eyes on cybersecurity solutions

New York’s plan to ramp up cybersecurity fit in with the overall tone of last night’s Pepcom Digital Experience event, held at the Metropolitan Pavilion in the city, proving that businesses are innovating on all security fronts. Whether it’s a device to keep hackers from getting into your devices, or it’s software to safeguard your … continue reading

Check Point discovers new attack vector through media player subtitles

Malicious hackers will find any way to deliver a cyberattack. This week, Check Point Software researchers discovered a new method for perpetrators, one which is threatening millions of users: Attacking by subtitles. According to Check Point’s research, the new possible attack vector delivers the cyberattack through movie subtitles that are loaded by the user’s media … continue reading

What is the WannaCry ransomware, and why should organizations be concerned?

There’s a new ransomware attack that has affected several organizations globally, and although it’s slow-moving, security experts are urging companies to keep their antivirus programs up-to-date, as well as their software. The ransomware — dubbed WannaCry (WanaCrypt0r 2.0/WCry) — has hit Britain’s National Health Service, some of Spain’s big companies, and has spread across Russia, … continue reading

MIT CSAIL’s WiGait, Check Point discovers OSX/Dok malware, and Apple suggests self-driving changes to Calif. DMV — SD Times news digest: May 1, 2017

Researchers from MIT CSAIL have been working on a system called WiGait, which accurately monitors walking speed in a way that is both continuous and unobtrusive. The researchers’ paper presented the device, saying it measures the walking speed of multiple people, with 95 to 99 percent accuracy using wireless signals. Professor Dina Katabi at MIT’s CSAIL says … continue reading

Black Duck audit highlights risk of open-source security vulnerabilities

Black Duck, a company that serves up information about the latest security vulnerabilities on open source components, released its 2017 Open Source Security and Risk Analysis (OSSRA) today. The OSSRA revealed significant risks related to open-source vulnerabilities and license-compliance challenges, as well as high levels of risk in the retail and ecommerce industry. According to … continue reading

Free learning resources and tools for security savvy developers

Developers will never be responsible for all of security in an organization, but if they keep up with best practices and resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient software. Today, most firms have a software security group (or SSG) or a product security … continue reading

Senate lawmaker asks FTC for answers on recent children’s IoT breaches

Recent data breaches involving children’s Internet-connected toys pushed U.S. Sen. Bill Nelson to write a letter to the Federal Trade Commission (FTC), asking what steps it has taken to protect the personal data of the children using such toys. This isn’t the first letter Nelson, a Democrat from Florida, has written in response to security breaches. … continue reading
