Clean Data Alliance launches to promote human controlled data economy
Wednesday, February 11, 2026 by Richard Harris
Clean Data Alliance (CDA) announced its launch as an apolitical 501(c)(6) nonprofit dedicated to creating a digital economy built on Clean Data produced through Data Agency. CDA’s mission is to shift the world from an exploitive data system where personal information is captured without consent and used against people’s interest, to one where Humans share da...
Push for FTC to Investigate Microsoft
Monday, September 22, 2025 by Austin Harris
U.S. Senator Ron Wyden has formally requested the Federal Trade Commission to examine Microsoft for what he describes as significant cybersecurity shortcomings. The request cites repeated security incidents and raises questions about the company’s role in safeguarding critical infrastructure.
Senator highlights cybersecurity risks
In a letter addressed to FT...
Salesforce breach let hackers steal Google customer data
Monday, August 25, 2025 by Richard Harris
In June, one of Google’s corporate Salesforce instances was affected by activity consistent with the UNC6040 campaign described in the post. Google responded by conducting an impact analysis and implementing mitigation steps. The affected instance stored contact information and related notes for small and medium-sized businesses. Investigators confirmed that data ...
Microsoft SharePoint hit by widespread zero-day attacks
Wednesday, July 30, 2025 by Austin Harris
The Cybersecurity and Infrastructure Security Agency (CISA) has reported active exploitation of a newly identified remote code execution (RCE) vulnerability affecting on-premise Microsoft SharePoint servers. The vulnerability, cataloged as CVE-2025-53770, is a variant of the previously known CVE-2025-49706 and presents significant risks to organizations by enabling unau...
Apple lawsuit filed by UK developers
Tuesday, December 10, 2024 by Austin Harris
A leading competition law expert pursuing a class action lawsuit against Apple on behalf of UK app developers has been told his case can go ahead, with the UK’s Competition Appeal Tribunal (CAT) certifying his claim for £785m (just over one billion US dollars) on behalf of UK app developers. Today, the CAT made the collective proceedings order, confirming it...
Vulnerabilities in Apple products alert
Monday, September 30, 2024 by Richard Harris
CERT-In has recently issued Advisory CIAD-2024-0046, highlighting multiple high-severity vulnerabilities in Apple products. The vulnerabilities affect a wide range of Apple software, including iOS versions prior to 18, iPadOS versions prior to 18, macOS Sonoma versions prior to 14.7, macOS Ventura versions prior to 13.7, and the upcoming macOS Sequoia versions prior to ...
Secure software development education report from the Linux Foundation
Wednesday, August 7, 2024 by Richard Harris
Linux Foundation Research and the Open Source Security Foundation (OpenSSF) are pleased to release a new report titled "Secure Software Development Education 2024 Survey: Understanding Current Needs." Based on a survey of nearly 400 software development professionals, the analysis explores the current state of secure software development. It underscores&n...
In game audio ads platform Odeeo sees growth in active users
Wednesday, March 15, 2023 by Austin Harris
Odeeo, the global audio ads in games platform has recorded 300% year-on-year revenue and daily active user (DAU) growth in 2022, and served over a billion ads, with 10B ad opportunities created.
Odeeo connects advertisers to the world's 2.9B mobile gamers. Its record growth is driven by its technical innovation and its timely exploitation of the burgeoning audio ...
Decentralized wallets suggested after Solana hack
Wednesday, August 17, 2022 by Austin Harris
The recent hack on the Solana cryptocurrency wallet has led to a drain of millions of dollars, which raised concerns about the security of the crypto ecosystem. Against this backdrop, the volume of discussions around 'Solana' among Twitter influencers surged in the first week of August as most of them commended the use of decentralized or open source w...
App security testing platform lands from Oxeye
Monday, January 3, 2022 by Austin Harris
Oxeye announced the company’s Cloud-Native Application Security Testing Platform (CNAST). The new platform identifies code vulnerabilities, open-source vulnerabilities, and secrets to highlight the most critical issues in the software development lifecycle, delivering clear guidance for fast and accurate remediation.
App security testing platform CNAST
Accor...
The Senate Resolution to fix app ratings
Monday, December 2, 2019 by Richard Harris
A resolution was introduced by Senator Mike Johnson to recognize the need for an independent app rating review board and for user-friendly parental controls. This is endorsed by the National Center on Sexual Exploitation, a non-partisan nonprofit in Washington D.C.
“Greater transparency and accountability in-app ratings is vital in the modern digital...
Zeroday vulnerability announced byMcAfee at Defcon
Monday, August 19, 2019 by Richard Harris
At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system.
The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...
Testing software updates with production traffic
Thursday, July 18, 2019 by Robert Ross
Test and development cycles have significantly changed under the DevOps model. To remain competitive, software developers must continually release new application features. They’re sometimes pushing out code updates as fast as they are writing them. This is a significant change from how software and dev teams traditionally operated. It used to be that teams could ...
Decentralized exchange system launched by Totle
Wednesday, December 26, 2018 by Austin Harris
Totle, a startup backed by TechCrunch founder Michael Arrington's crypto-fund Arrington XRP amongst others, has announced the launch of a first-of-its-kind solution for the fragmented decentralized trading and exchange ecosystem. The Totle Movement platform provides a solution for the lack of liquidity hampering cryptocurrency markets and DApp economies by supportin...
AI for cybersecurity
Tuesday, November 27, 2018 by Richard Harris
As organizations struggle to deal with the growing sophistication of hackers and the influx in data breaches, it's becoming clear that AI could be a critical tool for automatically defending applications from cyber attacks - but there are challenges to overcome. Ivan Novikov, the CEO of AI security company Wallarm, offers some insight below on how AI can be utilized...
Information security event Black Hat USA celebrates 21 years
Tuesday, August 14, 2018 by Austin Harris
Black Hat has highlighted their 2018 event programming and new initiatives that will help make Black Hat USA 2018 its most successful show to date. The event welcomed nearly 19,000 of the most security-savvy professionals across the InfoSec spectrum - spanning academia, world-class researchers, and leaders in the public and private sectors. The event’s robust line...
What American companies can learn from Europe's new GDPR laws
Wednesday, June 13, 2018 by Austin Harris
People around the world have recently started to receive tons of emails from companies updating their privacy policies. Naturally, many ask, why this is happening, and the ones with a deeper understanding of the process mutter a four-letter combination - GDPR. While an astounding part of the US Senate appears to be confused about the concept of Net Neutrality, Europe&rs...
CloudPassage debuts Project Cielo
Monday, May 7, 2018 by Richard Harris
CloudPassage announced the beta release of its newest product built on the Halo platform, (code-name: Project Cielo), which offers complete visibility and insights into the resources in use across all cloud service providers (CSP) accounts and services within a single interface.Currently, CloudPassage's Halo platform, which includes Container Secure and Server Secure, i...
MFiles explains intelligent information management
Tuesday, December 26, 2017 by Richard Harris
M-Files Corporation has announced M-Files 2018, a new product release that represents a step forward in how businesses manage information. M-Files 2018 and the new Intelligent Metadata Layer provide a unified interface that enables users to quickly access documents and other information regardless of the system in which they are stored. In addition, AI in M-Files 2018 e...
Sending out an S.O.S. for SMS
Wednesday, October 4, 2017 by Will LaSala
What a difference a year makes. Just one year after the National Institute of Standards and Technology issued guidance that found SMS is insecure and no longer suitable as a strong authentication mechanism, it has walked all of that back.At the time the original draft was published, it was highly unusual for any US government agency to get out in front of the security i...
Androids failing at double the rate of iPhones
Thursday, September 14, 2017 by Richard Harris
As the two main players in the mobile space, the Android and iOS operating systems are at constant odds with one another for market share and performance. In the second quarter of 2017, Android devices struggled to keep pace with the performance of iPhones. In fact, Android devices had a failure rate worldwide of 25 percent - that is more than double the failure rate of...
The future of cybersecurity in machine learning
Sunday, July 30, 2017 by Richard Harris
McAfee, a cybersecurity company, has announced several new innovations that expand machine learning and automation capabilities to strengthen human-machine teams. Plus, McAfee announces support of OpenDXL.com, a new, independent collaboration portal that offers forums and free apps, giving OpenDXL users easy access to ideas and resources available for application integr...
InnoVault lets you embed endtoend data security encryption to apps
Friday, July 21, 2017 by Richard Harris
Tozny, which has built a secure, privacy-preserving and password-free mobile authentication system, has announced the launch of InnoVault, an easy-to-use toolkit allowing developers to embed end-to-end data security encryption capabilities into their websites, apps, or software. As a result, developers can now raise the level of their data security and privacy managemen...
Metadata can be deadly in cyber exploitation
Tuesday, July 18, 2017 by Austin Harris
When someone says "There's no cause for concern, it's only metadata" you can send them this:Metadata, or “data about data,” is collected and recorded to describe data, identify trends, administer algorithmic solutions, and model potential scenarios. When one understands how to make sense of seemingly random metadata or how to pair the data with other exfiltrated data po...
JavaScript apps get Arxan application protection solution
Friday, February 17, 2017 by Richard Harris
Arxan Technologies, a provider of application protection and management solutions, has announced Arxan Application Protection for JavaScript, a new offering that provides leading protection for JavaScript-based applications, including hybrid iOS and Android apps, in addition to web apps. The comprehensive solution is designed to prevent brand damage, financial loss, IP ...
Capsule8 comes out of stealth to help protect Linux from attacks
Wednesday, February 15, 2017 by Austin Harris
Capsule8 has emerged from stealth mode to unveil its plans for the industry’s first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from both known and unknown attacks. Founded by experienced hackers John Viega, Dino Dai Zovi and Brandon Edwards, Capsule8 is being built on the real-world experien...
Companies in banking and insurance can use data science to survive
Wednesday, January 4, 2017 by Austin Harris
Editors note: Guest submission by Florian DouetteauOver the course of many centuries, the banking and insurance industries have developed processes, products and infrastructures that have shaped the economic structure of humankind. But now, they are being challenged by industry outsiders who appeared on the world stage a mere couple of decades ago, and some who eme...
Veris Group steps up it's advanced security game with Endgame
Friday, December 16, 2016 by Austin Harris
Endgame has announced that Veris Group's Adaptive Threat Division (ATD), a provider in adversary simulation and detection services, will utilize Endgame's endpoint detection and response platform to enhance detection, response, and threat hunting capabilities to eliminate security threats faster and with greater accuracy for customers.This partnership leverages Endgame'...
Think Your Mobile App is Hack Proof Think Again
Tuesday, September 20, 2016 by Sam Rehman
In today’s mobile app economy, time to market and quality are critical to stay competitive. Developers race against the clock to create amazing apps, and considerable time is spent to test it again and again; agile and automation plays a big part into this. The goal is a release that is user friendly and resilient as defect-free as possible, offering a product that deep...
New Security Report Reveals Increased Threat for Mobile Applications
Sunday, February 21, 2016 by Stuart Parkerson
According to a new cyber security report, mobile applications increasingly have become top security threats plaguing enterprises over the past year. The details are outlined in the recently published Hewlett Packard Enterprise (HPE) Cyber Risk Report 2016.As the company points out in the report, traditional network perimeters are disappearing allowing attack surfaces to...
AppSecUSA Security Conference to Delve Into Application and Cloud Security
Friday, September 11, 2015 by Stuart Parkerson
There is still time to participate in OWASP's 12th Annual AppSecUSA Security Conference designed for developers and security experts focusing on application and cloud security. The conference will be held in San Francisco on September 24-25 and a separate two day training program will be offered September 22-23.Held at the Hyatt Regency San Francisco, more than 40 speak...
How Frightened Should Android Developers Be Of Stagefright
Wednesday, July 29, 2015 by Richard Harris
Stagefright is a new Android vulnerability which was found and announced by Joshua J. Drake, Zimperium zLabs Vice President of Platform Research and Exploitation. Specifically the company says Stagefright is: “…what we believe to be the worst Android vulnerabilities discovered to date.”Here is a rundown according to Zimperium, “These issues in Stagefright code criticall...
Your App is Compromised Thanks to Your Friendly Neighborhood App Hacker
Monday, August 4, 2014 by Stuart Parkerson
The advent of smart devices introduced a brave new world of opportunities for developers who hopped on the train and created mobile apps for iOS, Android and the other app markets. It was and is a great opportunity for developers. Of course humans being human, where an opportunity to make money exists, the more nefarious want to get their hands in the pot. And so, ...
New Regulations to Protect Kids Is Driving Change In the Mobile App Industry
Wednesday, July 23, 2014 by Stuart Parkerson
The European Commission is reporting that Google has agreed to change the way it designates free apps. This is following what the Commission has said have been a large number of complaints in EU countries concerning in-app purchases in online games and in particular, inadvertent purchases by children.According to a recent EU commission announcement, “Google has dec...
