Grasshoppers, Dead Cow, and Controlled Chaos: What We’re Looking Forward to at Black Hat USA

Usually, Black Hat USA is all the rage this time of year when it comes to Las Vegas; however, it seems the excitement about the show has been eclipsed by a grasshopper invasion. I admit, I was puzzled when my colleagues informed me of the news and proceeded to show ... Read More

Capital One Benefits From Responsible Disclosure Program Following Massive Data Breach

Capital One’s data breach may be one for the record books, impacting as many as 106 million U.S. and Canadian credit applicants dating back to as early as 2005. While it’s natural to want to draw parallels to the 2017 Equifax breach, there are a couple of details in this ... Read More

State of Louisiana Declares State of Emergency Following Malware Attacks

On Wednesday, Louisiana Governor John Bel Edwards declared a state of emergency following a series of cyberattacks impacting the computer and phone systems of several of the state’s school districts. The declaration, which will remain in place for the entire state until Aug. 21, is out of concern that the ... Read More

British Airways Faces £183m Fine Following Data Breach

The Information Commissioner’s Office (ICO) has handed British Airways what it claims is the biggest penalty – and the first to be made public under new rules – since the General Data Protection Regulation (GDPR) came into play last year. According to the ICO, 500,000 customers had their personal information ... Read More

Business-Focused Approach to Security Assurance Is More Evolution Than Revolution

According to a new research report from Information Security Forum (ISF), only 32 percent of its membership is satisfied with their security assurance program – though 80 percent say that they want to take a more business-focused approach to security. Given the ever-evolving threat landscape, security leaders understand that they ... Read More
How Veracode Supports DevSecOps Methodologies With SaaS-based Application Security

Most legacy applications were not developed with security in mind. However, modern businesses and organizations are continuing to undergo digital transformation in order to pursue new business models and revenue channels, as well as giving their customers or constituents a simplified experience. This often means selecting cloud-based tools and solutions ... Read More
What the AMCA Data Breach Teaches Us About Modern Supply Chain Security

The State of Software Security Volume 9 (SOSS Vol. 9) found that the healthcare industry, with its stringent regulations, received relatively high marks in many of the standard AppSec metrics. According to Veracode scan data, healthcare organizations ranked highest of all industries on OWASP pass rate on latest scan, coming ... Read More

Quest Diagnostics Breached Through Third-Party Billing Collections Vendor

Quest Diagnostics has reported that nearly 12 million patients may have been impacted by a breach of American Medical Collection Agency (AMCA), the medical testing company’s third-party billing provider. According to a data breach filing with the Securities and Exchange Commission, as many as 11.9 million patients may have had ... Read More

WhatsApp Releases Update Following Breach via Remote Code Execution Vulnerability

On Monday, The Financial Times reported that attackers have been exploiting a buffer overflow vulnerability in the popular messaging service WhatsApp. The vulnerability has been fixed, and updates were released on Friday. WhatsApp, owned by Facebook, is urging both iPhone and Android users to update the app as soon as ... Read More

2019 Verizon DBIR Shows Web Applications and Human Error as Top Sources of Breach

According to the 2019 Verizon Data Breach Investigations Report, there was a noticeable shift toward financially motivated crime (80 percent), with 35 percent of all breaches occurring as a result of human error, and approximately one quarter of breaches occurring through web application attacks. These attacks were mostly attributable to ... Read More