SAFECode recommendations way to assess software security

A set of actionable recommendations released by the Software Assurance Forum for Excellence in Code (SAFECode) provides a framework for organizations to extend risk management strategies to include the security of purchased software.

Style sheet vulnerability allowed attacker to hijack LinkedIn pages

LinkedIn has invited a security researcher to join its private bug bounty programme after he identified a novel exploit involving the site's cascading style sheets (CSS).

Google removes 440k links under 'Right to be Forgotten' ruling

Google has released a report on all the data it has removed from its search results, after the Court of Justice of the European Union ruled last May that users have the 'right to be forgotten'.

Nine percent of HTTPS hosts on the web "share the same private keys"

Stefan Viehböck, senior security consultant at SEC Consult, examined 4000 devices from 70 vendors and found widespread reuse of private keys.

Amazon force-resets passwords

Amazon has suddenly force-reset many of its customers' passwords after a vulnerability scare.

Featured: Malware

Hilton Worldwide confirms malware on POS targeted payment card info

Thieves that planted unauthorized malware on some Hilton Worldwide point of sale (POS) systems aimed to glean payment card information in a breach that occurred late in 2014 or mid-2015, the hotel company confirmed Tuesday.

Product Reviews

Rsam GRC Platform

Rsam is undeniably a traditional GRC product but with a few nice twists.

Skybox Security Skybox Enterprise Suite

Skybox Enterprise Suite is strongly focused on the risk part of GRC.

SolarWinds Network Configuration Manager

The Network Configuration Manager takes everything that SolarWinds does well and wraps it in a cloak of GRC functionality.

November issue now available


Opinions: The Security Vulnerability You Can Prevent

The Internet of Things is one of the world's fastest growing technologies. Unfortunately, it is also poised to become the fastest growing source of security vulnerabilities in the enterprise - but it doesn't have to be that way.

Opinions: All Talk-Talk and No Action

The latest cyber attack, a breach compromising the data of up to four million of Talk-Talk's loyal customers, is yet another in a growing line of pernicious cyber attacks against corporate infrastructure.

Opinions: How vulnerable is the fingerprint scanner on your phone?

There are legal issues and technical vulnerabilities around the use of fingerprint scanners on mobiles, hence, Anthony Neary says, it is vital to have a mix of solutions which enable maximum possible security.
