Application Security News and Articles
With the ever widening talent gap in cybersecurity and the expanding complexity of the cloud, organizations need an intuitive Security Information and Event Management platform (SIEM) that ensures seamless threat detection, investigation, and ...
At LogRhythm, we’re constantly looking for ways to make the life of a security analyst easier and that is why we are always listening to our customers to prioritize the features that matter. With this LogRhythm NDR release, we enhanced…
The ...
Governance, risk, and compliance (GRC) form the pillars upon which organizations build their operations to ensure security, resilience, and adherence to regulations. However, as IT infrastructure becomes more complex and regulations grow ...
Today it seems like more organizations are asking security teams to do more with less. Less staff and tools mean you need to have effective and well-tuned tools that return results with minimal effort. At LogRhythm, our goal is to…
The post ...
DHS is reportedly investigating the impact of the recent Johnson Controls ransomware attack on its systems and facilities.
The post Johnson Controls Ransomware Attack Could Impact DHS appeared first on SecurityWeek.
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept ...
Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.
The post Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks appeared first on SecurityWeek.
McAfee announced new AI protections and enhanced privacy and identity features as part of its latest product lineup. As McAfee continues to move beyond protecting individual devices to protecting people, McAfee’s newest portfolio of products ...
The National Institute of Standards and Technology's new proposed guidelines for integrating software supply chain security into CI/CD pipelines have arrived at an opportune time for security teams, with attacks on the software supply chain ...
Fundamental obligations of the Asia-Pacific Personal Data Protection Act (PDPA) for cybersecurity teams In the information age, the significance of data cannot be overstated, and cybersecurity legislation and standards govern its usage around the ...
CISA has announced the Secure Our World cybersecurity awareness program, targeting both businesses and end users.
The post CISA Kicks Off Cybersecurity Awareness Month With New Program appeared first on SecurityWeek.
In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers.
The post Recently Patched TeamCity Vulnerability Exploited to Hack Servers appeared first on SecurityWeek.
Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. Dual ransomware attacks Dual ransomware attacks are when against the same ...
Silverfort has released the source code for its lateral movement detection tool LATMA, to help identify and analyze intrusions.
The post Silverfort Open Sources Lateral Movement Detection Tool appeared first on SecurityWeek.
Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, ...
According to Fortinet, ransomware activity has intensified, registering an increase of 13 times compared to the beginning of 2023 in terms of all malware detections. The rise of Ransomware-as-a-Service has primarily driven this surge in ...
GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to establish workflows that build and test each pull request in your ...
With Halloween approaching, many are ready for ghosts and costumes. But online, the real threat is from websites masquerading as authentic—but aiming to deceive. Spoofed websites are insidious duplicates of genuine sites, aiming to trick users ...
FraudGPT is the evil counterpart to ChatGPT. Criminals use it to target businesses with phishing emails and scams with speed and accuracy like never before. The AI can be prompted to create the most realistic phishing emails, perfected down to a ...
In this episode, we explore the growing trend of AI surveillance in corporations, where cutting-edge technology is used to monitor employees, optimize productivity, and raise ethical concerns. Next, we uncover a disturbing Instagram scam that ...
