5 Tips to Break through the Information Security Bubble

by Cigital on Thursday, February 19, 2015

Post written by Caroline Wong, CISSP Security Initiative Director. Step 1: Become your own champion If you have access to a local technology or engineering association at your school or in your community get involved. Many state and private universities offer online courses geared towards these fields, and some even provide more technical tracks for… Read More

MEMSCAN Defined

by Cigital on Wednesday, February 18, 2015

What is MEMSCAN? A Cigital consultant, Grant Douglas, recently created a utility called MEMSCAN which enables users to dump the memory contents of a given iPhone app. Dumping the memory contents of a process proves to be a useful technique in identifying keys and credentials in memory. Using the utility, users are able to… Read More

Breach in Healthcare Data: One Step Too Far

by Cigital on Wednesday, February 11, 2015

Post written by Jim Ivers, Vice President. I am a victim. One of every nine of you is also a victim. I am an Anthem customer, and according to CSO: “one in nine Americans have medical coverage through one of Anthem’s affiliated plans” (CSO, “Anthem: How does a breach like this happen?”, Steve Ragan). It… Read More

Striking the Balance: App Security Features and Usability

by Cigital on Monday, February 9, 2015

Post written by Zack Allen, Consultant Last week, I installed a new app from the Google Play store onto an Android device. While the app was downloading and installing, I took a look at a few of the user reviews and found their contents interesting. Four of the top ten comments were both negative and… Read More

The Role of Randomness in Online Gambling

by paco on Monday, February 2, 2015

Cigital has long certified the random number generators (RNGs) for online gaming sites. The role of random numbers in online gaming is simultaneously critical to the game’s integrity and poorly understood by most players. In this article we will take a look at the role of randomness, what certification can and cannot tell you about… Read More

Vulnerabilities Left Unannounced

by Cigital on Monday, January 26, 2015

Post written by William Bengtson, Security Consultant In the fall the headlines were littered with news of the “iCloud Data Breach” which exposed nude photographs of celebrities and potentially left all iCloud accounts vulnerable to exposure. Fingers were pointed and people and/or companies were blamed for the breach, but it all boils down to a… Read More

Medical Device Security: Building It In or Bolting It On?

by Cigital on Monday, January 19, 2015

Post written by Dan Lyon, Senior Consultant Medical device security is making strides, however one area that isn’t being addressed is patching. A webinar I attended described a hospital which performed a reconnaissance of their network and found several hundred Windows XP machines. There was no service pack revision; these machines were running the initial… Read More

5 Security New Year’s Resolutions

by Cigital on Friday, January 9, 2015

Happy 2015! With the dawn of the New Year we are betting you have made some resolutions, like losing weight, getting a promotion, or finally taking the two minutes to delete the unwanted U2 album from your iTunes account, but why not up your security game while you’re at it. Here is a list of… Read More
