As just one symptom, 83 percent of the Top 30 U.S. retailers have vulnerabilities which pose an “imminent” cyber-threat, including Amazon, Costco, Kroger and Walmart. 2020 is shaping up to be a banner year for software vulnerabilities, leaving security professionals drowning in a veritable sea of patching, reporting and looming attacks, many of which they […]
The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers. As application security methodology and best practices have evolved over more than a decade, the Building Security in Maturity Model (BSIMM) has been there each year to track how organizations are making progress. BSIMM11, […]
There are growing concerns around the number of businesses vulnerable to cyberattacks due to hackers’ ability to bypass their WAF. Source: 40% of security pros say half of cyberattacks bypass their WAF – Help Net Security Sorry About your WAF – Modern WAF Bypass Techniques Download a Security Risk Assessment Steps paper! Subscribe to DISC […]
There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. Source: API Security and Hackers: What’s the Need? … Download a Security Risk Assessment Checklist paper! Subscribe to DISC InfoSec blog by Email
10 Most Critical API Security Risks [2019] – OWASP Foundation Advanced Web Application Scanning with OWASP Zed Attack Proxy (ZAP) Web Application Security and OWASP – Top 10 Security Flaws Ethical Hacking 101: Web App Penetration Testing Subscribe to DISC InfoSec blog by Email
Most popular programming languages  Subscribe in a reader
To make sure a deleted file can’t be recovered, you’ll need to use a third-party shredding tool. Here’s a look at three such free programs: Eraser, File Shredder, and Freeraser. Source: How to completely and securely delete files in Windows Enter your email address: Delivered by FeedBurner
Better hardware security key support means our post-password future is one step closer to reality. Source: Google’s most secure logon system now works on Firefox and Edge, not just Chrome Subscribe to DISC InfoSec blog by Email
2FA is an important step in preventing your account from being accessed by unauthorized users — here’s how to enable 2FA on your accounts across the web. Source: How to set up two-factor authentication on all your online accounts
When collaborating on a document with several people, leaving comments is an essential part of the process. You can print the document along with comments, but what if you want you print just the comments? You can do that. Source: How to Print Comments Only in Word InfoSec Cheat Sheets
A vulnerability in the update service of the Cisco Webex Meetings Desktop App for Windows could allow elevation of privilege Source: Cisco WebEx Meetings affected by a new elevation of privilege flaw Enter your email address: Delivered by FeedBurner
Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization. Source: Center for Internet Security releases Microsoft 365 benchmarks
Easy Desktop Access to Cloud Files Ditch Email Attachments. With your files in the cloud, you can easily share them with anyone — even if they’re outside your company firewall — with a simple link via email or straight from Box. Keep Everybody on the Same Page. Easily share files and folders, and add, move or edit […]
Top 5 Programming Languages In 2018  Eslam Medhat Programming world is rising exponentially with every passing year. With over 600 unique programming languages. The main question which comes to everyone’s thought is which language is most appropriate given the current and future market needs. Let’s see which programming languages are popular enough today to deserve […]
Personal Banking Apps study has been out,  a security researcher spent about 40 hours testing iPhone and iPad banking applications from the top 60 most influential banks in the world and his findings were totally shocking. 40 of those 60 applications were found to have major mobile security vulnerabilities, which is not something you’d expect […]
CMS Security Handbook: The Comprehensive Guide for WordPress, Joomla, Drupal, and Plone Open Source Software certainly does have the potential to be more secure than its closed source counterpart. But make no mistake, simply being open source is no guarantee of security. Learn how to secure Web sites built on open source CMSs (Content Management […]
Download a Free copy of “Next-Generation Firewalls for Dummies” ebook to find out why traditional firewalls can’t protect your network | Checkout the sample chapter online By Ellen Messmer The traditional port-based enterprise firewall, now looking less like a guard and more like a pit stop for Internet applications racing in through the often open […]
Since 2007, illicit organizations have employed Zeus to launch damaging, highly publicized attacks targeting the login credentials and other personal data associated with millions of computers, thousands of organizations, and uncounted numbers of users and their accounts. Relatively small groups of sophisticated criminal bands based in various nations–particularly in Eastern European countries such as Russia […]
Image via CrunchBase San Francisco (GaeaTimes.com) – Microsoft Office 2010 is the latest version of Microsoft Office productivity suite. The new features of Office 2010 are its extended file compatibility and a refined user interface. Microsoft PowerPoint is one of the most important parts of the Office suite and has many advanced features. But Microsoft […]
