Application Security News and Articles


Alert: New DLL Variant Used For Malicious Code Execution

Recent research findings have brought to light a new DLL variant pertaining to search order hijacking techniques. As per recent reports, this dynamic link library variant could potentially be used by threat actors for malicious code execution. ...

Flipping the BEC funnel: Phishing in the age of GenAI

For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the bait. Over time, however, ...

Preventing insider access from leaking to malicious actors

In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world implications and potential impact on an organization’s security ...

Adalanche: Open-source Active Directory ACL visualizer, explorer

Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, ...

Ohio’s New Social Media Law, Meta’s Link History Feature, 175 Million Passcode Guesses

In episode 312, Tom and Scott discuss the implications of a new law in Ohio that may require parental consent for children under 16 using social media, including the pros and cons of this legislation. They also discuss Meta’s new link history ...

Key elements for a successful cyber risk management strategy

In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber risk management strategies and practices, uncovering common mistakes and highlighting key components for successful risk resolution. ...

Government organizations’ readiness in the face of cyber threats

Cyber threats targeting government organizations have become increasingly sophisticated, posing significant risks to national security, public infrastructure, and sensitive data. These threats are diverse in nature, originating from various ...

The Top 10 Ransomware Groups of 2023

The Top 10 Ransomware Groups of 2023 discusses the groups' methods, their impact on the global economy, and insights into groups like LockBit, BlackCat, and Clop. The post The Top 10 Ransomware Groups of 2023 appeared first on Security Boulevard.

USENIX Security ’23 – Giulia Scaffino, Lukas Aumayr, Zeta Avarikioti, Matteo Maffei – Glimpse: On-Demand PoW Light Client With Constant-Size Storage For DeFi

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the ...

Tensorflow Supply Chain Compromise via Self-Hosted Runner Attack

Introduction With the recent rise and adoption of artificial intelligence technologies, open-source frameworks such as TensorFlow are prime targets for attackers seeking to conduct software supply chain attacks. Over the last several years, ...

How to Get PCI DSS Certification?

The purpose of PCI DSS is simply to ensure that all companies that accept, process, store or transmit credit card information, are careful to actively maintain a secure environment. The Payment Card Industry Data Security Standard (PCI DSS) was ...

Top Benefits of Effective 3rd Party Vendor Risk Management

Today’s businesses don’t operate in a vacuum. To maintain high standards of efficiency, supply chains everywhere need products and services from third-party vendors. Maintaining relationships with suppliers is a well-accepted part of keeping ...

Most Popular Cybersecurity Blogs from 2023

What were the top government technology and security blogs in 2023? The metrics tell us what cybersecurity and technology infrastructure topics were most popular. The post Most Popular Cybersecurity Blogs from 2023 appeared first on Security ...

3 Things to Ensure your start-up’s success

Execution is a fundamental component of success for any organization. Companies that struggle to execute effectively often face challenges and miss out on opportunities, and I would argue that execution.. The post 3 Things to Ensure your ...

Week in review: GitLab account takeover flaw, attackers exploiting Ivanti Connect Secure zero-days

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Social engineer reveals effective tricks for real-world intrusions In this Help Net Security interview, Jayson E. Street, Chief Adversarial ...

Classic Baggie: A Delaware BEC Case calls him the leader of an International Criminal Organization

The U.S. Attorney's office in Delaware charged Olugbenga Lawal with being a major money launderer for a Nigerian-based international criminal organization that specialized in Business Email Compromise (#BEC) and Romance Scam. Lawal was charged ...

Who’s Behind GoatRAT?

In this brief analysis I'll take a look at who's behind GoatRAT in terms of social media activity, C&C servers, and actual personally identifiable information. Personally identifiable ...

USENIX Security ’23 – Svetlana Abramova and Rainer Böhme – Anatomy of a High-Profile Data Breach: Dissecting the Aftermath of a Crypto-Wallet Case

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the ...

Software Development Life Cycle: SAST and SCA Combined

Understanding SCA and SAST: A Practical Guide for Real-World Software Security

Webinar: Solving the Bi-Directional Sync Problem with Microsoft Sentinel and D3 Smart SOAR

We’re looking forward to having you join us for our upcoming webinar on January 24th, at 10AM PST/1PM EST. It’s sure to be worth your time if you work in a large SOC or for an MSSP. Titled “Solving the Bi-Directional Sync Problem Once and ...