On Prime Day, more U.S. households became Prime members than any other single day in Amazon's history, and the company likely generated more than $1 billion in sales during the 30-hour period that started at 9 p.m. Eastern Time on July 10.
At some major banks, you no longer need to have your debit card in hand to use the ATM. But that won't necessarily protect you from fraudsters.
The average Web application has slightly fewer flaws, but more than half continue to remain vulnerable 365 days a year, according to data from Web security firm WhiteHat Security.
Researchers have found that the latest SQLi hits to some organizations have come by way of a new hacking tool that has made it easier than ever for attackers to wage these exploits: via their smartphones.
Organizations made some improvements to their security posture last year, but only marginally, as the average time-to-fix is still too high and remediation rates are too low, according to the 12th annual application security statistics report from WhiteHat Security.
Does the DevSecOps approach make a difference when it comes to improving application security? According to this year’s 12th annual WhiteHat Security “Application Security Statistics Report,” it certainly does.
Despite the number of vulnerabilities found in a single Web application falling by 25% in 2016 over the previous year, the number of exploitable flaws remains too high, according to WhiteHat Security's 12th Annual Application Security Statistics Report released today.
Cross-site scripting (XSS), which occurs when cybercriminals insert malicious code into webpages to steal data or facilitate phishing scams, has been around almost since the dawn of the web itself.
Lack of resources is the biggest barrier for small businesses’ cybersecurity. So it’s not surprising that the U.S. Congress wants to help by making resources available. New legislation intends to help small businesses strengthen their security. But industry practitioners are skeptical about its impact.
The strain of malicious code, dubbed Petya (and often referred to as Petrwrap, and Notpetya) was first spotted encrypting computers in Ukraine last week before reportedly infecting systems in Spain, Germany, Israel, the UK, Netherlands and the US.
NotPetya, as this new threat was dubbed, is definitely made to look like Petya, and uses some of its code, but has its own specific characteristics.
A virulent new strain of ransomware named Petya wreaked havoc on some of the most-established companies in Europe and North America on Tuesday, capitalizing on the same vulnerabilities that froze hundreds of thousands of computers a month ago.
With a skimmer and Bluetooth technology, crooks can intercept payment transaction details.
While tech skills are a must, successful DevOps engineers also possess the ability to collaborate, multi-task, and always put the customer first.
Here are 9 security certifications that can move your cybersecurity career ahead.
Know your risk, then look to use cases to understand what a security product actually does before you invest in anything.
In this age of destructive and fast-spreading malware, companies are giving whitelisting a second look -- and with cloud-based, peer-to-peer whitelists and reputation scoring, the technology now has a chance to be widely adopted.
Despite Microsoft rolling out a patch for a vulnerability almost two months prior, some companies hadn’t implemented the patch because they still needed to test it in their environment. But that lag is what left the UK’s National Health Service open to attack.
Behavioral analytics and A.I, among other technologies, are needed for better corporate defenses.
The first sign of trouble was a call from Brooke Frizzell's bank: Had her husband, Craig, just called in claiming to have forgotten his account password?
Employees booting up computers at work Monday could see red as they discover they're victims of a global "ransomware" cyberattack that has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear.
The speed of wire and electronic transfers makes bank and brokerage accounts a more appealing target, especially as security advances in other areas — like chip and pin technology on debit and credit cards.
My team in the Threat Research Center at WhiteHat Security specializes in mobile application business logic assessments, which is a hands-on penetration test of both mobile client-side apps and the business logic that can be used to circumvent the security built into the program.
Transparency is everything; privacy is next to impossible.
Belfast is set to deliver the definitive master class in how “not to get hacked” next week when the city hosts two major cyber security conferences which will include insights from a former spy agency boss, some of the world’s top online security entrepreneurs and international professional hackers.
Can a deleted app keep on tracking you, even if the app is off the phone? The unsatisfying answer: Yes and no.
The U.S. House of Representatives voted Tuesday to overturn rules scheduled to go into effect later this year that would have banned internet service providers such as Comcast, Time Warner Cable and Verizon from tracking user online activities and reselling the data without consumers first opting-in.
Getting ahead in life involves doing the right things day in and day out.
Many of these VPN apps could actually be sabotaging your security and privacy. A recent study by U.S. and Australian researchers found that many Android VPN apps were potentially malicious, let third parties spy on "secure" transmissions, tracked users or just plain didn't work.
Sun Tzu’s counsel to ‘Know thy enemy’ is a staple of cyber-security advisories, yet it’s only recently that security practitioners have been able to flesh out our knowledge of hackers as human entities.
Another busy week in the channel with movement across all tiers as vendors distributors and resellers bring on some fresh talent to help drive growth.
Matt Gangwer, CTO of Rook Security and Ryan O'Leary, VP of Threat Research Center and Tech Support at WhiteHat Security join CSO Online's Steve Ragan to talk about the evolution of ransomware, and what companies need to do to combat it.