Application Security News and Articles
Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.
The post Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach ...
Crunchy Data, in collaboration with the Center for Internet Security, announced the publication of the PostgreSQL CIS Benchmark for PostgreSQL 16. Crunchy Data worked with the Defense Information Systems Agency (DISA) to make PostgreSQL the first ...
Additional contributors to this report: Nic Finn, Justin Timothy. October proved to be much quieter than expected. Compared to the […]
The post GRIT Ransomware Report: October 2023 appeared first on Security Boulevard.
Author: Baan Alsinawi, CISSP, CCSP, CISM, CGEIT, CASP+ ce, and Managing Director at CISO Global. Validating the security of your organization’s sensitive information at a single point in time with an annual risk assessment can be helpful, but ...
In a significant revelation, security experts have uncovered a substantial number of Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with potential vulnerabilities that could be exploited by malicious actors. These drivers, ...
GitGuardian can now help you check if your (already) hardcoded secrets have not also leaked publicly in code, issues and gists of projects located outside your GitHub organizations.
The post Unveiling public leak checks for hardcoded secrets in ...
In 2014, the cybersecurity community witnessed a critical OpenSSL vulnerability, “Heartbleed,” which changed how the world perceived digital security. It is considered to be among the most serious flaws in internet history. Heartbleed not ...
CISA has put a spotlight on a high-severity Service Location Protocol (SLP) vulnerability. CISA has bumped it up to the Known Exploited Vulnerabilities catalog. Why the fuss? Well, there’s evidence of bad actors actively taking advantage of it ...
Quantum computers capable of breaking currently used encryption algorithms are an inevitability. And since the US, China and Europe are sprinting to win that arms race, we know that day is coming sooner rather than later. Will organizations be ...
Telemetry logs are missing in nearly 42% of the attack cases studied, according to Sophos. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide their tracks. Gaps in telemetry decrease much-needed visibility into ...
Written and directed by Kilian Lieb and Max Rainer, Cyberbunker is a Netflix documentary about a group of hackers that enabled the proliferation of dark web forums where illegal materials were bought and sold. Cyberbunker: The Criminal Underworld ...
In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and pixel privacy claims will remain at the forefront of cyber insurance ...
AI is dominating the mindshare of IT leaders this year and next, as 72% believe their organization will be using more AI in the next two to three years, according to Snow Software. While AI may be the top priority for IT leaders for the ...
Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles: Open authentication (OAuth), ...
Show Notes
The post BTS #17 - Protecting The Digital Supply Chain - Yuriy Bulygin appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
Let’s talk about a topic that’s incredibly important for your privacy and data security. In this blog I’m going to talk about why you should opt out of the sharing of CPNI data and why that seemingly simple annual email from your mobile ...
Mastering the Essential Elements of Services-Focused Programming: The methodology of programming using tiny, interdependent software units, often simplified to 'Microservices', has seen a marked uptick in usage in recent times. This distinct ...
As we stand on the horizon of another transformative year in cybersecurity, it’s time to peer into the future. We gathered around our crystal ball and forecast events, accelerating trends and looming decisions that will shape our industry. As ...
Many thanks to DEF CON 31 for publishing their terrific DefCon Conference 31 presenters' content.
Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada; via the organization's YouTube channel. ...
Like most software companies, you’ll find customer reviews of our product on G2. If you...
The post The G2 Badges We’re Proud of the Most appeared first on Security Boulevard.