First organized in 2005, The CA/Browser Forum is a voluntary group of certification authorities (CAs), vendors of internet browser software and suppliers of other applications that use X.509 v.3 digital certificates for SSL/TLS and code signing. In...
September was another huge month for mobile security news. Headlines included new security features for Android devices and the launch of a $12,000 phone.
Google recently introduced new tools for developers to help them create a better web content security policy. Specifically, the initiatives should target cross-site scripting (XSS) vulnerabilities, which Threatpost said are the “cockroach of...
The new Google API allows a network service to obtain a hardware-backed cryptographic guarantee of the identities of a device and the user accessing it.
August saw many shifts in the mobile security landscape, including several new launches, threats and other snippets providing insight into upcoming trends.
WPAD is an easy way to grab proxy information and get browsers online. When it comes to security, however, this protocol doesn't make the grade.
A security researcher discovered that the Qualcomm-made chips at the center of Android encryption can be exploited in a sophisticated attack.
More ad providers are moving to HTML5 to prevent malvertising, but this shift alone isn't enough to deter cybercriminals from their exploits.
AppConfig Community now supports Android for Work, sharing best practices for developers to refer to when configuring and securing Android mobile apps.
When you hire a third party for some IT work, do you really know about their vendor security practices? Google certainly does.