Application security and coding requirements news, help and research

News : Application security and coding requirements

October 13, 2021 13 Oct'21
Microsoft warns of MysterySnail on October Patch Tuesday

Microsoft has fixed a zero-day that is being actively exploited to deliver a new remote access trojan dubbed MysterySnail to targets
October 08, 2021 08 Oct'21
Craft beer specialist Brewdog fixes serious app vulnerability

Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers
October 05, 2021 05 Oct'21
New Python-based ransomware attacks unfold in record time

Sophos researchers detail a new variety of Python-based ransomware attack targeting VMware ESXi-hosted VMs
September 30, 2021 30 Sep'21
Team leaders urged to address developer mental health

The pandemic led to many developers working from home, and many have experienced burnout

Bridging the gender gap in cyber security

Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap Continue Reading
Considerations when deciding on a new SIEM or SOAR tool

A successful deployment of any security tool very much depends on the maturity of security processes in the organisation Continue Reading
Five ways to ensure remote working security and compliance

A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading

Please protect us from our own stupidity

It seems like the simplest thing. Compose an email message and then CC colleagues. But,due to a Ministry of Defence blunder, this simple action, built into pretty much every piece of email client ... Continue Reading
Making sense of the UK Cybersecurity Sector

The UK cybersecurity industry is heavily concentrated. Only 150 suppliers, employing 2/3rd of the work force are large enough to provide realistic in-house work experience for trainees/apprentices. ... Continue Reading
How To Save IT From Drowning In Its Own Self-Containerised World (and other stories)

Anyone out there right now could be more than excused for thinking we're drowning in security start-ups; too many "me too" vendors trying to resolve the same perceived problems - niche or broad. ... Continue Reading

No easy fix for vulnerability exploitation, so be prepared

Vulnerability management and disclosure is a tricky business with ethical and business ramifications for software vendors, CISOs and ethical hackers alike – and CISOs sit right in the middle of this Continue Reading
Doing the right thing: How CISOs should approach responsible disclosure

Owen Wright, responsible for penetration testing and adversary simulation at Context, part of Accenture Security, advises how CISOs should approach responsible disclosure Continue Reading
Security Think Tank: Responsible vulnerability disclosure is a joint effort

By working hand-in-hand, developers and security researchers can both play a vital role in ensuring newly-discovered vulnerabilities are addressed appropriately, writes Paddy Francis of Airbus CyberSecurity Continue Reading

CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com

In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies.
Lauri Love: how reformed hackers halted the WannaCry virus

Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT.
Screencast: Employ the FOCA tool as a metadata extractor

Mike McLaughlin demos the FOCA tool as a metadata extractor to expose the 'hidden' data users often post on their own websites.