Application Security News and Articles
CVE-2023-4966, aka “Citrix Bleed”, a critical information disclosure vulnerability affecting Citrix NetScaler ADC/Gateway devices, is being massively exploited by threat actors. According to security researcher Kevin Beaumont’s ...
Cybersecurity breaches have become the horror stories of the digital age Whispered among tech circles and sending shivers down the spines of IT professionals, this Halloween, we’re delving into the archives to look at ten true tales of ...
Are whistleblowers traitors to the company, a danger to corporate brand image, and a form of insider threat? Or are they an early warning safety valve that can be used to strengthen cybersecurity and compliance?
The post Whistleblowers: Should ...
President Joe Biden on Monday will sign a sweeping executive order to guide the development of artificial intelligence — requiring industry to develop safety and security standards, and introducing new consumer protections.
The post Biden Wants ...
CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United ...
As the holiday festivities draw closer, we start to make plans to see the family. Whether you’re a host or a guest, millions will soon gather to catch up, tell stories, watch football, and break bread. Some of us can’t wait, while others are ...
Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. Google’s AI bug bounty program Following the voluntary commitment to the ...
At some point in the movie “Groundhog Day,” Phil Connors breaks his bedside radio when he is woken up (yet again) by the song “I Got You Babe”. This déjà vu seems to await companies that fall victim to ransomware and fail to orchestrate ...
As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become increasingly vital. Security awareness training is essential and must be a live, ...
Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on GenAI solutions in 2023, according to IDC. In this Help Net Security ...
More than one-third of companies still do not have a well-rounded, holistic ransomware strategy in place, according to Zerto. Immediate recovery crucial for businesses’ survival The survey also found that companies are reevaluating their ...
85% of small business leaders say they are ready to respond to a cyber incident despite a record-high 73% reporting an attack in 2023, according to Identity Theft Resource Center. Employee and consumer data continue to be the most impacted ...
Did you know that your mobile phone provider can give data like phone numbers you’ve called and received, the time and date of those calls, and even your location data to their parent companies, affiliates, and agents? In this episode we show ...
The rapid proliferation of Internet of Things (IoT) devices has ushered in a new era of connectivity and convenience, transforming the way we live and work. However, this interconnectivity has also given rise to a host of cybersecurity challenges ...
Windows operating systems and software are complex pieces of software with millions of lines of code. This means that there are many potential vulnerabilities, or flaws, that can be exploited by attackers. Attackers can use vulnerabilities to ...
Enhanced Discovery and Resolution, or more commonly known as XDR, serves as a revolutionary model in cybersecurity. It works by combining multiple security apparatuses into a solitary system, thus uplifting the ability for threat detections and ...
Many thanks to DEF CON 31 for publishing their terrific DefCon Conference 31 presenters content.
Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada; via the organizations YouTube channel. ...
Organizations are twice as likely to get breached through compromised credentials than any other threat vector. Compromised credentials are when credentials, such as usernames and passwords, are exposed to unauthorized entities. When lost, ...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GOAD: Vulnerable Active Directory environment for practicing attack techniques Game of Active Directory (GOAD) is a free pentesting lab. It ...
Gaining Insight: Decoding MDR's Functions As we navigate the continually evolving cybersecurity landscape, Managed Detection and Response (MDR) surfaces as a game-changing strategy. But, what does MDR truly signify? In its purest form, MDR ...
