application security

Dev Ops Secrets are a major source of breaches, including the recent hack of Uber. We speak with Elizabeth Lawler of CyberArk about it.

Podcast: Uber Breach Puts Focus on Securing DevOps Secrets

The hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations. In this Spotlight Edition* of The Security Ledger Podcast, sponsored by CyberArk, we talk with Elizabeth about how to contain DevOps secrets and secure the secret super user lurking in modern organizations: highly privileged application code.  Podcast: Play in new window | DownloadSubscribe: Android | RSS

Furby Connect - just one of many insecure, connected toys for sale this holiday season.

Surveillance Under The Tree: Connected Device Audit Turns up Sensors, Security Holes

Sensors and security holes are common companions on a range of connected toys and consumer devices available to consumers this holiday season. 

Cisco said that it discovered a slew of new flaws in Foscam's indoor IP cameras that could expose the devices to remote attacks.

Cisco Talos finds More Flaws in Foscam Cameras

Cisco Systems is warning the public about a range of new vulnerabilities it has discovered in IP cameras from the firm Foscam, a popular maker of commercial and consumer surveillance cameras, the second trove of software security holes uncovered since June. 

A Security Ledger and LogMeIn survey of device makers finds concerns about security - but a tendency to leave low hanging fruit unpicked.

Survey finds Device Makers Security Priorities Often Misplaced

Low-hanging Internet of Things security fruit may be left unpicked, as connected device makers fret about the predation of sophisticated hackers, but balk at simple security fixes, a Security Ledger and LogMeIn survey finds. You can download the full report here.

UPDATED: Is this Cyber War? Ransomware Attack Hits Banks, Transport, Government in Ukraine

UPDATED: Is this Cyber War? Ransomware Attack Hits Banks, Transport, Government in Ukraine

Fast spreading ransomware dubbed Petya has crippled parts of Ukraine and hit companies in The Netherlands, France, Russia and Spain. It appears to be spreading using a combination of software exploit and stolen passwords.