Heartbleed Potentially Effects All Security Products, Not Just Websites
April 14, 2014
By Brian Monkman

Unless you have been off the grid for the last few days you have undoubtedly heard about the OpenSSL vulnerability known as the Heartbleed (http://heartbleed.com) bug.  Heartbleed is a vulnerability that allows "anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software."

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
ICSA Labs Enters Into Agreement with CCHIT for EHR Testing, Certification
January 29, 2014
By Carlos Arcila

Terms: CCHIT, HIT, ICSA Labs, ONC, EHR

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
Coffee for Smartphone Users. Is It Enough to Awaken Us?
January 20, 2014
By Jack Walsh

It’s been reported in the news that the Starbuck’s payment app saves usernames, passwords and location data in plain text right on consumer’s smartphones. Any devious person with a little know-how can get access to this information and use it to get one caffeine fix after another ad infinitum.

Of course this is not good news. But it is more than that.  This should be a wake-up call – not just for those of us who like to pay for coffee with our smartphones.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
Cryptolocker
November 21, 2013
By Roger Thompson

One of my friends recently received an alert from her sheriff’s office, warning her about something called Cryptolocker. The language in the alert was quite alarming, and she wanted my opinion.

I told her that Cryptolocker was indeed real and is the criminal’s monetization scheme-du-jour. While it is a real pain if you got nailed by it, basic security practices would keep you perfectly safe.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
Ad Networks and Smartphones
October 7, 2013
By Jack Walsh

Free mobile apps often come chock full of ads.  And it’s not just the free apps.  A surprising number of paid apps come with ads as well.  App developers typically link in one or more advertising network to monetize their otherwise inexpensive mobile apps.

Users are relatively tolerant of mobile app advertising.  That is until a mobile ad network in a seemingly benign mobile app distributes malware or exfiltrates sensitive user information without the user’s knowledge or consent.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
Mobile App Development Concerns Echoed
August 28, 2013
By Jack Walsh

When speaking at conferences or to prospective customers about why there is a need to independently test an enterprise’s custom-made mobile apps, I begin by framing the problem.  I explain that one of the primary issues concerning mobile apps is that they are developed by companies with a limited amount of experience as opposed to by large, well-known companies with a lengthy software development history.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
Personal Information at Stake in Enterprise Mobile Apps
August 22, 2013
By Jack Walsh

There have been several reports this year indicating that many popular, free apps and a surprising number of the most popular paid apps – either Android or iOS – are not good at safeguarding sensitive information.  From contacts to calendars, an amazingly high percentage of app developers don’t seem concerned with protecting your sensitive information. 

Even so, there are apps that accidentally, spectacularly, and unexpectedly transmit your sensitive information. Take Tumblr (now part of Yahoo!) for example.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
The Age Of Enterprise Malware (A.k.a APT vs AFT)
August 12, 2013
By Roger Thompson

In 2013, most people understand that the acronym APT stands for Advanced Persistent Threat, but I’m coining a new one … AFT, which stands for Another… uh … Freaking Trojan, and I suggest that all malware now falls into one of these two categories.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
An Android Master Key Solution...But
July 24, 2013
By Jack Walsh

Last week I blogged about the “Android Master Key” vulnerability.  Not long after its discovery by Bluebox, the Chinese firm Android Security Squad found a similar Android Master Key vulnerability.  Both vulnerabilities permit adversaries to circumvent the Android app signature verification process after modifying any app.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
Almost a Billion Vulnerable Android Devices
July 16, 2013
By Jack Walsh

Researchers at Bluebox, a new mobile security company, recently found a serious vulnerability affecting almost every version of Android. Vulnerable Android versions include all recent versions as well as those dating back to version 1.6 (code name: Donut) that was released in September 2009.

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.