This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Application Security News"
From OWASP
| Line 3: | Line 3: | ||
: Comment or "Quote" | : Comment or "Quote" | ||
--> | --> | ||
| + | |||
| + | ; '''Mon ## - [http://www.infoworld.com/article/06/06/26/79520_26NNpcideadline_1.html?source=NLC-SEC2006-06-26 PCI update coming]''' | ||
| + | : "Track data from magnetic strips isn’t necessary to process credit card transactions but is valuable to hackers and identity thieves because it can be used to make counterfeit cards, said Avivah Litan, an analyst at Gartner. The data is often automatically saved by payment applications because developers assumed it was needed. In fact, many merchants may be unaware that their payment applications collect and cache the track data, leaving the data unprotected while giving the merchant a misplaced sense of security, Visa’s Elliott said." | ||
; '''Jun 24 - [http://soasecurityarchitect.com/2006/06/24/discussion-with-jeff-wiliams-ceo-of-aspect-security--about-owasp.aspx SOA Security Architect Interviews OWASP Chair Jeff Williams]''' | ; '''Jun 24 - [http://soasecurityarchitect.com/2006/06/24/discussion-with-jeff-wiliams-ceo-of-aspect-security--about-owasp.aspx SOA Security Architect Interviews OWASP Chair Jeff Williams]''' | ||
| Line 12: | Line 15: | ||
; '''Jun 19 - [http://security.tekrati.com/research/news.asp?id=7293 Analyst research discovers that hackers go for low hanging fruit]''' | ; '''Jun 19 - [http://security.tekrati.com/research/news.asp?id=7293 Analyst research discovers that hackers go for low hanging fruit]''' | ||
: The trend continues - less overall security breaches, and more web related attacks (12%). "Internet-enabled software applications, especially custom applications, present the most common security risk encountered today," said John Andrews, President, Evans Data. "Overall we're witnessing better software security practices early in the software lifecycle, which is positively affecting overall security breaches." | : The trend continues - less overall security breaches, and more web related attacks (12%). "Internet-enabled software applications, especially custom applications, present the most common security risk encountered today," said John Andrews, President, Evans Data. "Overall we're witnessing better software security practices early in the software lifecycle, which is positively affecting overall security breaches." | ||
| − | |||
| − | |||
| − | |||
; [[Application Security News|Older news...]] | ; [[Application Security News|Older news...]] | ||
Revision as of 08:25, 28 June 2006
- Mon ## - PCI update coming
- "Track data from magnetic strips isn’t necessary to process credit card transactions but is valuable to hackers and identity thieves because it can be used to make counterfeit cards, said Avivah Litan, an analyst at Gartner. The data is often automatically saved by payment applications because developers assumed it was needed. In fact, many merchants may be unaware that their payment applications collect and cache the track data, leaving the data unprotected while giving the merchant a misplaced sense of security, Visa’s Elliott said."
- Jun 24 - SOA Security Architect Interviews OWASP Chair Jeff Williams
- SOA Security Architect interviews Jeff Williams on OWASP and SOA security. Jeff answers questions about SOA security, talks about the limitations of SOA appliances, and the future of WS Security and web services. "They think that they are getting 80% protection, but they really aren’t. I think the false sense of security is the most dangerous risk of using these appliances. The same sort of thing applies to using application scanning technologies."
- Jun 23 - Citibank wrestles with XSS
- On the same day that Neosmart makes the ridiculous claim that XSS is not a vulnerability, a hacker has highlighted an XSS flaw in citibank.com and claims dozens more major sites have similar problems. It's not rocket science, but of course it's a vulnerability.
- Jun 19 - Analyst research discovers that hackers go for low hanging fruit
- The trend continues - less overall security breaches, and more web related attacks (12%). "Internet-enabled software applications, especially custom applications, present the most common security risk encountered today," said John Andrews, President, Evans Data. "Overall we're witnessing better software security practices early in the software lifecycle, which is positively affecting overall security breaches."
