Monthly Archives: March 2016

­

Mobile App Leads to Speeding Ticket Email Scam

A clever scam that involves a “free mobility or traffic app” is duping users by tracking their whereabouts and then sending a fake speeding ticket. Police in Pennsylvania detailed a scam that involves a mobile app, which may have been used to target people by sending them legitimate-looking speeding tickets via email. The app includes

Two thirds of companies fail to declare data breaches

A poll of 1000 Institute of Directors members in the UK has found that two thirds of the companies who fall victim to a data breach are failing to declare it publicly or report it to the police for fear of reputational damage. Also, only around half of companies have a solid cyber security strategy

March 24th, 2016|Cyber Crime|

Spot a Phishing Attack

  Smart companies know the best offense against security threats is a strong defense. And what type of defense is the most successful, you ask? Educating Employees! A stunning 91% of data breaches start with employees, making it essential for organizations to educate all employees on the threats associated with today's online world.

The costs of security bugs and why penetration testing can help

A report accompanied with a rating taxonomy aimed to help researchers and customers to determine appropriate payouts for bugs found by researchers in bug bounty programs has recently been released by Bugcrowd. These tools, especially the Vulnerability Rating Taxonomy (VRT), which details a number of vulnerabilities, classified by severity, are not only useful in the

March 17th, 2016|Web Application Security|

A Simple Explanation of Cross Site Scripting

Cross-site scripting (XSS) is a security vulnerability allowing a user to alter the code that an application delivers to a user which is executed in the user’s web browser. It is most commonly found in web applications affecting the user's browser, but also possible in other applications with embedded web content, such as an interactive