Application Security News and Articles
Zscaler identified 117 vulnerabilities in Microsoft 365’s support for SketchUp files and bypassed initial patches.
The post Microsoft Temporarily Disables SketchUp Support After Discovery of 117 Vulnerabilities appeared first on SecurityWeek.
Action1 announced its latest release. Global enterprises navigating complex environments can now ensure rapid adoption of Action1’s platform within their organization for reduced Mean-Time-To-Remediate (MTTR) while eliminating gaps in their ...
The United States Securities and Exchange Commission (SEC) filed a landmark lawsuit against SolarWinds and its CISO for securities fraud.
The post The SEC and SolarWinds’ CISO: A Wake-Up Call appeared first on Security Boulevard.
European privacy officials have widened a ban on Meta’s “behavioral advertising” practices to most of Europe.
The post European Privacy Officials Widen Ban on Meta’s Behavioral Advertising to Most of Europe appeared first on SecurityWeek.
The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) for which F5 Networks recently released hotfixes are being exploited by attackers in the wild, the company has confirmed. “It is important to note that not all exploited systems ...
Boeing has confirmed that parts of its distribution business were hit by a cyberattack after a ransomware group claimed to have breached the company’s systems.
The post Boeing Confirms Distribution Business Hit by Cyberattack appeared first on ...
Automating the enforcement of least-privilege access brings numerous advantages to companies, encompassing heightened security, heightened operational efficiency, and improved compliance. By automating the process of granting and revoking access, ...
The Associated Press news website experienced an outage that appeared to be consistent with a denial-of-service attack.
The post AP News Site Hit by Apparent Denial-of-Service Attack appeared first on SecurityWeek.
Cisco has released software updates to address 27 vulnerabilities in Cisco ASA, FMC, and FTD software.
The post Cisco Patches 27 Vulnerabilities in Network Security Products appeared first on SecurityWeek.
Kubernetes security has been in the news this week, highlighting the need for a fresh approach to container protection. Cybersecurity practitioners operating in cloud environments are increasingly facing complex security challenges. Last ...
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14: ATT&CK’s goal is to catalog and ...
To build a robust information security strategy, one must understand and apply the core principles of information security. This blog post will delve into the fundamental principles underpinning effective information security principles and ...
Overview: Recently, NSFOCUS CERT observed that Atlassian officially fixed an improper authentication vulnerability in the Atlassian Communication Data Center and Server (CVE-2023-22518). Unauthenticated remote attackers can bypass the ...
Security Information and Event Management (SIEM) tools are indispensable in an organization’s cybersecurity framework. SIEM tools collect, analyze, and correlate log data from various devices and applications across an organization to identify ...
By Tom Cupples, Ed.D., CISSP, CGRC, PMP, CAICO-PI, CAICO-PA, CCP, CCA, Sec+, Net+, Security Controls Assessor & Senior Cybersecurity Trainer at CISO Global, Inc. The Cybersecurity Maturity Model Certification (CMMC) 2.0 is a compliance ...
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security ...
The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest workforce ever recorded, the report shows that demand is still outpacing ...
Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore ...
In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity. Roer explains why a comprehensive understanding ...
The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, ranging from costly security vulnerabilities to compliance risk and ...