OWASP



[img_assist|nid=10958|title=Justin Morehouse|desc=|link=none|align=right|width=100|height=100]Corporate executives and other high value employees traveling abroad need to be on guard for attempts to compromise their mobile devices, and could even have their mobile phone compromised before they even disembark the plane following their arrival, according to security researcher Justin Morehouse. A thirst for intellectual property and trade secrets, and a bugeoning market of sophisticated mobile surveillance tools means that executives need to begin thinking and acting like spies in order to avoid being spied upon themselves, according to a presentation at the OWASP AppSec DC 2012 conference in Washington DC on Thursday.

[img_assist|nid=7438|title=|desc=|link=none|align=left|width=64|height=64]The storm clouds over mobile security continued to gather this week with news of a new browser exploits for Android and a URL attack for iPhones, while OWASP’s AppSec conference in D.C. provided an update on Uncle Sam’s security priorities. Read on for Threatpost’s security Week in Review.

WASHINGTON–Despite its reputation for secrecy and technical expertise, the National Security Agency doesn’t have a set of secret coding practices or testing methods that magically make their applications and systems bulletproof. In fact, one of the agency’s top technical experts said that virtually all of the methods the NSA uses for development and information assurance are publicly known.

In this video from the OWASP AppSec Research conference, Gustav Rydstedt from Stanford University, discusses frame-busting and clickjacking vulnerabilities on popular Web sites.

[img_assist|nid=4397|title=|desc=|link=none|align=right|width=100|height=100]The non-profit Open Web Application Security Project (OWASP) has released its latest list of top 10 web application security risks. Read the release statment. [OWASP.org]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.