Almost 80% of more than 3,000 software security flaws publicly reported
so far this year have been in Web technologies such as Web servers,
applications, plugins and Web browsers.
That number is about 10% higher than the number of flaws reported in
the same period last year — and nine out of 10 of the flaws were found
in commercial code. Read the full article. [Computerworld]
Almost 80% of more than 3,000 software security flaws publicly reported
so far this year have been in Web technologies such as Web servers,
applications, plugins and Web browsers.
That number is about 10% higher than the number of flaws reported in
the same period last year — and nine out of 10 of the flaws were found
in commercial code. Read the full article. [Computerworld]
Less than a day after reports began surfacing that the Flashback trojan was hitting Mac OS X machines, Apple today released a fix to stop the latest variant of the password-stealing malware. The update closes numerous vulnerabilities in Java 1.6.0_29, including a serious hole that allowed an untrusted Java applet to help spread the malicious code.
A report of a massive ‘privacy breach’ at Facebook reveals, instead, the rickety underpinnings of the modern Internet straining at the demands of new applications.
When the Wall Street Journal broke a story on Monday about a “Privacy Breach” at Facebook, all the elements were in place for a tech-driven earthquake: the world’s largest social network, the privacy of what the Journal described as ‘tens of millions’ of users of Facebook applications (or ‘apps’) including mega hits like Zynga’s Farmville.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
