iOS is the operating system which powers Apple’s iPhone devices, and includes the special version iPadOS which runs on iPads. Apple claims it to be particularly secure, at least partly as a result of the limitations they place on what it is able to run. But regardless of how secure the OS is, apps built for it still need to be written in a secure way. Getting it wrong will leave your customers vulnerable.

BazarLoader (sometimes referred to as BazaLoader) is a popular downloader among criminals, used to distribute multiple malicious payloads including Ryuk and Conti ransomware. According to a recent report by Phishlabs, during Q3 2021 this malware accounted for 24.7% of all attacks, earning the unwelcome accolade of being the most common payload.

ISO/IEC 27001, commonly referred to as ISO 27001, is the most widely adopted international standard for managing data security and information security through an information security management system (ISMS). The standard was first published in 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO 27001:2013 is the latest revision to the standard.

Technology has become an essential part of daily life. From the way we get around to the things we buy, computers are at the forefront of change. This is especially true for vehicles. Vehicle technology has evolved dramatically over recent decades. The latest iteration of vehicle remodelling in the automobile industry is heavily software-focused, from autonomous and connected vehicles to electric vehicles and car-sharing.

Following a series of headline-grabbing ransomware attacks that disrupted critical services in the US, FBI Director Christopher Wray likened the threat posed by ransomware to the September 11 terrorist attacks of 2001. According to Wray, recent attacks against one of the largest oil pipeline operators in the United States and a major meat processing operation may be just a harbinger of what is to come.

Over seven years later, the Heartbleed vulnerability still offers important lessons in application security. Heartbleed is a serious vulnerability discovered in the openssl open source software component in April 2014. This article is a deep dive on Heartbleed and its broader implications for application security.