Top 3 biggest mistakes enterprises make in application security
Enterprise information security encompasses a broad set of disciplines and technologies, but at the highest level it can be broken down into three main categories: network security, endpoint security ...
http://www.net-security.org/article.php?id=2362
Apple Patches QuickTime Crash and Code Execution Flaws
Security Awareness for Managers: Protecting Yourself and Your Company
Nowadays, security awareness training (SAT) is a top priority for organizations of any size. Thanks to SAT, management and employees can understand IT governance issues and control solutions as well as recognize concerns, understand their relevance and respond accordingly. Many companies invest heavily in cybersecurity education programs for employees to learn how to protect their...
http://resources.infosecinstitute.com/security-awareness-for-managers-protecting-yourself-and-your-company/
WordPress Compromises Behind Spike in Neutrino EK Traffic
APPLE-SA-2015-08-20-1 QuickTime 7.7.8. QuickTime 7.7.8 is now available and addresses the following: QuickTime. Available for: Windows 7 and Windows Vista. Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution [...]
http://prod.lists.apple.com/archives/security-announce/2015/Aug/msg00004.html
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
http://www.zerodayinitiative.com/advisories/ZDI-15-395/
ZDI-15-396: ManageEngine Service Desk File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine ServiceDesk. Authentication is not required to exploit this vulnerability.
http://www.zerodayinitiative.com/advisories/ZDI-15-396/
Splunk Input Validation Flaw in Splunk Web Lets Remote Users Conduct Cross-Site Scripting Attacks