Application Security News and Articles
Executive summary
In this blog post we list at least 10 open source packages affected by the HTTP/2 'Rapid Reset' vulnerability, disclosed by Cloudflare this week.
The post Top 10 open source projects hit by HTTP/2 ‘Rapid Reset’ ...
Wallarm today announced general availability of the seamless Application and API Security policy integration with MuleSoft AnyPoint Platform. In today’s digital landscape, business and technical leaders must ensure that their Apps and APIs ...
A backdoor deployed on a compromised WordPress website poses as a legitimate plugin to hide its presence.
The post Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin appeared first on SecurityWeek.
Semperis has expanded Forest Druid, its community-driven attack path management tool, to include support for Microsoft Entra ID (formerly Azure AD), saving time for cybersecurity teams in identifying and closing risky attack paths across hybrid ...
Apple has released iOS 16.7.1 and iPadOS 16.7.1 to patch CVE-2023-42824, a kernel vulnerability that has been exploited in attacks.
The post Apple Releases iOS 16 Update to Patch Exploited Vulnerability appeared first on SecurityWeek.
Modern corporate strategies now include cloud computing as a key component because it provides scalable and adaptable solutions for a variety of industries. Microsoft Azure stands out among the major companies in the cloud services market as a ...
Understanding the current ransomware landscape is the first step to helping defenders protect their organizations.
The post Making Sense of the 2023 Ransomware Landscape appeared first on Security Boulevard.
Check Point launched Quantum SASE, integrating technologies from newly acquired Perimeter 81. This integrated offering addresses organizations’ needs for a unified user experience, simplified SASE management, and a fast, secure browsing ...
Most of the time, the terms “secure” and “safe” can be used interchangeably. You’re never going to get hung up on whether a bank tells you your money is “secure” or “safe” within its vault. But when it comes to your ...
Author: Anonymous Hacker, as told to Lindsey Watts PREFACE: In our last installment of this series, we were introduced to some dangerous characters one might encounter on darknets. This week, we will finish out that list, looking into both ...
Each year, the costs of data breaches continue to rise, and there haven’t been many signs that this trend will slow down any time soon. In 2014, the average data breach cost companies $3.5 million. Fast forward to 2023, and the number has risen ...
The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations ...
A recently observed phishing campaign targeting Microsoft accounts is using LinkedIn smart links to bypass defenses.
The post LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts appeared first on SecurityWeek.
NetWitness has partnered with SDG to deliver comprehensive managed security services for effective threat detection and response capabilities, addressing cyber threats for even the most complex organizations. NetWitness offers organizations an ...
Guest Blogger: Branden Williams | VP, IAM Strategy | Ping Identity This Cybersecurity Awareness Month, join GuidePoint Security for A […]
The post Cybersecurity Awareness Month: The Dark Side of Centralized Personal Identification ...
Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks.
The post Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks appeared first on ...
How much do CISOs make? Survey provides compensation trends for Chief Information Security Officers, but don't take surveys at full face value.
The post CISO Pay Increases Are Slowing – a Look Behind the Figures appeared first on SecurityWeek.
Quantum announced new bundled offerings for organization-wide data protection based on Quantum DXi-Series Backup Appliances. With continued data growth, the increasing value of data, and the constant threat of ransomware, customers must be ...
This is a Guest Blog written by the CyLab-Africa team: Theoneste Byagutangaza, Lena Chacha, Trevor Henry Chiboora, Joel Jefferson Musiime and George McGregor from Approov.
This week, we published a new report: “The Security Challenges of ...
Simpson Manufacturing is experiencing disruptions after taking IT systems offline following a cyberattack.
The post Simpson Manufacturing Takes Systems Offline Following Cyberattack appeared first on SecurityWeek.