application security

Program code on a monitor

Code Tutorials Spread Application Flaws Far and Wide

In-brief: Researchers at universities in Germany, working with the security firm Trend Micro, discovered more than 100 vulnerabilities in GitHub code repositories simply by looking for re-used code from tutorials and other free code samples. The same method could be harnessed by cyber criminals or other sophisticated attackers to find and exploit vulnerabilities in software applications, the researchers warned.

A researcher for the firm Equus Security warns that Samsung's Tizen mobile operating system is dangerously insecure. (Image courtesy of Samsung.)

Samsung’s Tizen Operating System: a Hacker’s Dream | Motherboard

In-brief: Motherboard reports on an audit of Samsung’s Tizen mobile and IoT operating system that suggests it contains numerous, serious security holes. 

The hack of civil defense sirens in Dallas is just the latest such incident - and likely not the last, security experts say.

Hack of Dallas Sirens Not the First or Last on Emergency Systems, Experts Warn

In-brief: The weekend hack of civil defense sirens in Dallas, Texas is similar to two incidents in Illinois in 2012. The underlying problem? Woeful security for emergency alerting and other civil defense systems in the U.S., according to security experts. 

Twitter accounts belonging to media organizations and prominent personalities (like tennis great Boris Becker) were hacked and hijacked, displaying pro Turkish messages accusing Dutch and German officials of Nazi sympathies. (Image courtesy of Twitter.)

Twitter Hack is latest to underscore Third Party App Risk

In-brief: security experts are warning about the threat posed by third-party applications that tap into prominent social media platforms like Twitter after accounts belonging to media organizations and prominent personalities were hacked and hijacked to display messages accusing Dutch and German officials of Nazi sympathies. 

The FTC announced a $2.2 million settlement with smart TV maker Vizio after the company was caught selling customer viewing information without consent.

TV Maker Vizio Settles with FTC Over Selling Viewer Data

In-brief: Smart TV maker VIZIO agreed to pay $2.2 million to the FTC and the State of New Jersey to settle charges that it collected the viewing history of some 11 million smart televisions without users’ consent. The settlement stems from a 2014 case and requires the company to “prominently disclose and obtain affirmative express consent” for data collection and sharing.