Oracle's new API deals with Java EE security problems

Oracle's staff are fully aware that security in Java EE hasn't been taken as seriously as it should have been, but they are working to fix these problems in the new Java EE security API (JSR 375), a proposal for baking better security into the environment.

Java's development environment is notorious when it comes to security problems, at...

By Ryan Daws, 06 November 2015, 0 comments. Categories: API, Java, Security.

Risk-based security: Applying more sophisticated risk assessment and mitigation tools


Not all data is created equal. That is why organisations are newly focused on risk-based security, where the crown jewels get more rigorous protection than, say, humdrum, ordinary files.

This is crucial because – as headlines about breaches of important data files at large insurers such as Anthem, large retailers such as Target, and even federal government agencies demonstrate – hackers have gotten very good at their jobs. Understand, for them this is a job. It’s no...

By Ciklum, 30 July 2015, 0 comments. Categories: Hacking, Security.

IoT and the enterprise: What has the industry got to do to kick-start growth?

The analysts and researchers are in agreement; the Internet of Things (IoT) market will become the largest device market in the world. The question is simply when.

Berg Insight argues that in the industrial automation sector, the number of wireless IoT devices will hit 43.5 million by 2020. In the overall market, the numbers are almost frighteningly big: BI...

By James Bourne, 12 June 2015, 0 comments. Categories: Enterprise, IoT, Security.

The privacy implications of the Internet of Things


The term “Internet of Things” refers to the use of the Internet for monitoring, tracking, controlling, and interconnecting everyday objects. For example, home appliances can be connected to the Internet to facilitate household activities. In this context, it is worth mentioning that refrigerators that allow the users to access the Internet are already commercially available.

According to ABI Research, a...

By Daniel Dimov, 04 June 2015, 0 comments. Categories: IoT, Security.

Opinion: In the interest of public security…

It seems that in the aftermath of almost every major catastrophe comes a reaction from government to increase measures to enhance public security. The atrocities of 9/11 resulted in security measures ranging from increased airport checking procedures, to face recognition devices, from random searches of internet content by intelligence officers, to the use of wiretaps and the ability to intercept and read...

By Andrew Hull, 24 March 2015, 0 comments. Categories: Hacking, Industry, Security.

As HTML5 grows, security risks become a bigger issue


As the combination of JavaScript and HTML5 becomes the de facto software standard for building websites, enterprise-ready solutions or mobile applications, it’s surprising to discover that 99% of the code used and delivered as production-ready code is literally open, and running naked through the woods.

The W3C (World Wide Web Consortium), as of October 2014, officially approved HTML5 as a complete industry standard. But the adoption process started a...

By Carlos Goncalves, 23 January 2015, 1 comment. Categories: HTML5, Languages, Security.

MoonPig's API breach could cost its business

Security breaches are frequent news, but fixes are often implemented with due haste to prevent data loss and protect customers. Paul Price, a security researcher, alerted MoonPig to a flaw in its API which allowed hackers to see payment information and view addresses. This fault was left unfixed for 17 months, and...

By Ryan Daws, 08 January 2015, 0 comments. Categories: API, Hacking, Security, Testing.

What issues does a Trusted Execution Environment address?

The richness of today’s connected devices such as smartphones, tablets, set-top boxes and televisions is bringing new challenges to service providers wanting to protect their offering against hackers and malware attacks. At the same time, an increasing number of applications are hosting sensitive, personal and confidential information that could have significant consequences if compromised. Such applications require more protection than can be offered by software solutions alone. This is where the...

By Global Platform, 10 December 2014, 0 comments. Categories: Hacking, Mobile, Monetisation, Security.

Bluetooth 4.2 wants to be "the foundation for the IoT"

As I write this article, there is one technology which is providing a constant link between my smartphone and my smartwatch. Bluetooth's Special Interest Group (SIG) has advanced the standard and its capabilities far beyond what anyone could have imagined at its conception, but it's not finished yet...

As we move into the age where we're criticised for not connecting a device to the internet, the number of devices connected to one another will grow exponentially. At the same time, we're just as...

By Ryan Daws, 03 December 2014, 1 comment. Categories: Devices, IoT, Security.

Should or shouldn’t Microsoft patch the IE flaw?

Several headlines can be found across the web which are designed to create fear that Windows XP is now insecure – and rightly so, it is. What isn’t fair are the articles accusing Microsoft of being irresponsible for not releasing a fix despite announcing months in advance that support would end.

It also isn’t Windows, Microsoft’s core product, which is at fault for this particular exploit – it’s Internet Explorer. Pointing the blame at the OS is only designed to further damage a...

By Ryan Daws, 29 April 2014, 0 comments. Categories: Security, Windows.