Sybase Fixes Nine ASE Flaws

Enterprise software and services company Sybase has again patched holes in its Adaptive Server Enterprise (ASE) product, fixing a handful of database vulnerabilities that could have allowed a hacker to execute code and bypass security parameters on the company’s main database server product.

A CISO’s Guide To Application Security – Part 1: Defining AppSec

Editor’s Note: This post is the first in a multi-part series on Application Security, or “AppSec” prepared by our friends over at application testing firm Veracode. The series will define the components of a sound AppSec program, delineate the growing threats to software, weigh the costs of a data breach, and outline the CISO’s responsibility in managing software security risk. Taken together, they are a primer on AppSec best practices that will help organizations build the business case for further investment in this critical IT security Fergal Glynn, Veracode Inc.

Executives Abroad May Get Owned Before They’re Off The Tarmac

Corporate executives and other high value employees traveling abroad need to be on guard for attempts to compromise their mobile devices, and could even have their mobile phone compromised before they even disembark the plane following their arrival, according to security researcher Justin Morehouse. A thirst for intellectual property and trade secrets, and a bugeoning market of sophisticated mobile surveillance tools means that executives need to begin thinking and acting like spies in order to avoid being spied upon themselves, according to a presentation at the OWASP AppSec DC 2012 conference in Washington DC on Thursday.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.