Six Best Practices for Security Testing in the SDLC
Even if an application has been built following security and defensive coding best practices, it will still require significant testing before it's ready for release. Whether this is routine testing for common vulnerabilities or security-focused penetration testing to pick up on the types of problems that often slip through the [...]
Mobile App Leads to Speeding Ticket Email Scam
A clever scam that involves a “free mobility or traffic app” is duping users by tracking their whereabouts and then sending a fake speeding ticket. Police in Pennsylvania detailed a scam that involves a mobile app, which may have been used to target people by sending them legitimate-looking speeding tickets [...]
Two thirds of companies fail to declare data breaches
A poll of 1000 Institute of Directors members in the UK has found that two thirds of the companies that fall victim to a data breach are failing to declare it publicly or report it to the police for fear of reputational damage. Also, only around half of companies have [...]
Spot a Phishing Attack
Smart companies know the best offense against security threats is a strong defense. And what type of defense is the most successful, you ask? Educating Employees! A stunning 91% of data breaches start with employees, making it essential for organizations to educate all employees on the threats [...]
The costs of security bugs and why penetration testing can help
Bugcrowd has recently released a report, accompanied by a rating taxonomy, aimed at helping researchers and customers determine appropriate payouts for bugs found by researchers in bug bounty programs. These tools, especially the Vulnerability Rating Taxonomy (VRT), which details a number of vulnerabilities classified by severity, are [...]




