Blog

In recent weeks, news broke that Docker registry misconfigurations could have exposed countless organizations to data theft and supply-chain attacks, following a discovery by Palo Alto Networks’ Unit 42 researchers.

On Jan. 8, we learned that a series of vulnerabilities in the popular social media app TikTok left the personal information of its users susceptible to exposure, potentially allowing cybercriminals to manipulate content on user accounts.

With the tensions in Iran escalating over the past few weeks, nation-state cyberattacks have been on the forefront of government agencies’ minds.

Applications are quickly becoming a top target for digital adversaries, as more businesses rely on them to drive their revenue and success.

Mobile app security can be very challenging. It’s an attack surface that is often an easy entry point for hackers to gain access to sensitive information.

For many people, January is primetime to finally install or deploy new technology like home care gadgets they were gifted during the holiday season.

2020 is upon us, and with a new calendar year comes new goals and New Year’s resolutions.

For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information.

As we head into 2020, application security remains an essential consideration for every organization operating in this digital era.

The trend to outsource a development project or the development function has been growing in recent years, and for some very good reasons.

As 2019 draws to a close and we reflect on our accomplishments and determine how we can improve in the year ahead, it’s become a year-end tradition for us (and extremely valuable) to look back and share the major application security lessons we’ve learned individually as a team.

Out of the 350 popular Android apps reviewed, 70% leak sensitive personal data (2019 WhiteHat Security Stats Report). These online retail, brick-and-mortar retail, finance, insurance and travel apps have privacy risks that expose personally identifiable information (PII).

With the holiday season now in full swing, retail companies have been readying their stores and websites for the influx of holiday shoppers over the next few weeks.

A recent study by Zimperium of the world’s leading travel applications to understand how they manage users’ security and privacy risks reveals that 100% of the iOS apps failed to receive a passing privacy or security grade. 45% of Android apps failed to pass the privacy tests, and 97% failed on security.

While nearly 75 percent of developers worry about the security of their applications, and 85 percent rank security as very important in the coding and development process, nearly half of their teams lack a dedicated security expert.

Whether you’re planning to celebrate Thanksgiving with family, a Friendsgiving with your closest mates or perhaps even a Worksgiving with coworkers this year, the spirit of gratitude has lasting benefits no matter who you’re with or where you are.

It’s that time of year again: the holidays are among us. Soon, millions of us will be on the road and in the air, on our way to visit friends and relatives to celebrate the season (or perhaps to get away from it all).

If you work in the public sector, you’ll notice a familiar pause to your work routine this week, as many offices and schools nationwide are closed briefly in observance of Veteran’s Day.

Each November, National Stress Awareness Day is recognized on the first Wednesday of the month and aims to identify and reduce the stress factors in your life.

This decade has seen an unprecedented number of connected systems and devices, automated delivery systems and increased mobile device usage in the healthcare industry.

October is known for being the “spookiest” of all the months. While there’s always debate on if ghosts, ghouls and witches are real, no one can argue the existence of scary vulnerabilities lurking in the dim corners of the web and on applications.

Artificial intelligence (AI) is a bit of a buzzword, and it has been thrown around quite a bit in the past few years. But many companies are making real game-changing use of it.

The modern-day developer faces an inordinate amount of challenges daily. Between constantly fighting to create the most innovative apps to help their product stand out to working to meet tight deadlines, developers juggle many responsibilities.

October marks the 16th annual National Cyber Security Awareness Month (NCSAM).

A collaborative effort between government and industry, National Cybersecurity Awareness Month (NCSAM) is observed every October in an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to stay safer and more secure online.

Previously, we discussed in part 1 of this blog series, application security issues are becoming the first and foremost cause of security breaches, leading to some real challenges among organizations attempting to achieve DevSecOps.

Whether it was the millions of users left vulnerable by Fortnite, or hackers gaining access to Dunkin’ customer accounts, 2019 has already seen some of the worst data breaches to date.

Recently, there has been a constant upward trajectory in spending on IT security, and there are no signs of that trend abating.

If businesses hadn’t already woken up to the financial clout that’s now in the hands of the world’s data protection regulators, the recent compliance fines in the US and UK have made everyone sit up and take notice.

“The customer is always right,” is the go-to customer service phrase originally coined by Harry Gordon Selfridge in London in the early 20th century.