Application Security News and Articles


Victoria’s Secret Hit By ‘Security Incident’ After Attacks on UK Retailers

Victoria's Secret took down its U.S. website this week after an unspecified security incident that cybersecurity experts believe is related to similar attacks on UK retailers earlier this month by the high-profile threat group Scattered Spider, ...

The OWASP Top 10 Vulnerabilities

Stay updated on the latest in application security with the OWASP Top 10 vulnerabilities. The post The OWASP Top 10 Vulnerabilities appeared first on Security Boulevard.

What Is MCP? The New Protocol Reshaping AI Agent Security

As AI agents take on more autonomous roles across the web, the Model Context Protocol (MCP) emerges as a promising, but risky, foundation for enabling secure, structured, and intent-aware interactions at scale. The post What Is MCP? The New ...

CISA’s New SOAR Guidance Shows Where Automation Must Go Next

CISA and ASD’s new SIEM & SOAR guidance reveals challenges with playbook maintenance and paves the way for autonomous SOC automation. The post CISA’s New SOAR Guidance Shows Where Automation Must Go Next appeared first on D3 ...

CISO’s open letter on third-party software risk is a call to action

The accelerated adoption of software as a service (SaaS) has fundamentally changed software consumption patterns, but it has also introduced a significant concentration of risk across enterprise environments and global critical ...

Emulating the Unyielding Scattered Spider

AttackIQ has released a new assessment template that contains a curated list of Tools and Malware samples associated with Scattered Spider to help defenders improve their security posture against this sophisticated and persistent threat. The ...

BSidesLV24 – PasswordsCon – We Removed Passwords, Now What?

Author/Presenter: Aldo Salas Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and ...

LogonBox SSPR 2.4.12 – Now Available

Introduction: LogonBox is pleased to announce the immediate availability of LogonBox SSPR 2.4.12. This release includes performance improvements for large user counts, disabled account license changes, and retries for cloud-delivered OTP messages. ...

Survey Surfaces Scope of Identity and Access Management Challenges

A survey of 625 IT and IT security professionals in the U.S. published today finds only half (50%) consider the investments made in identity and access management (IAM) tools to be effective. Conducted by the Ponemon Institute on behalf of ...

Why Zscaler’s Acquisition of Red Canary Matters to Your Cybersecurity Strategy

One of the most talked-about developments in cybersecurity this month is Zscaler’s acquisition of Red Canary, a move that highlights a larger industry trend: the growing demand for unified, automated security platforms that accelerate threat ...

From bottleneck to business enabler: making PKI work for digital transformation

Traditional PKI often creates security and agility bottlenecks due to manual processes and poor integration. As enterprises adopt cloud, DevOps, and Zero Trust, automated and scalable certificate management becomes essential. Modern PKI solutions ...

Scientists Use AI Chatbots to Carry Encrypted Messages Undetectable by Cybersecurity Systems

The world has a long history of hiding messages in plain sight. My own crude attempts as a kid included hours spent inserting code words and number sequences into notes and messages to avoid detection by parents, teachers and other kids. And ...

Microsoft Opens Windows Update to 3rd-Party Apps

A breath of fresh air: Security fixes and other updates will be “orchestrated” by Redmond’s own update tool. The post Microsoft Opens Windows Update to 3rd-Party Apps appeared first on Security Boulevard.

Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries

Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors. The post Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries appeared first on ...

Unbound Raises $4 Million to Secure Gen-AI Adoption

Security startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly. The post Unbound Raises $4 Million to Secure Gen-AI Adoption appeared first on SecurityWeek.

Navigating os.Root and Path Traversal Vulnerabilities | Go 1.24 Detection and Protection Methods | Contrast Security

The latest Go release, Go 1.24, released in February 2025, introduced a significant security enhancement: the os.Root type. The post Navigating os.Root and Path Traversal Vulnerabilities | Go 1.24 Detection and Protection Methods | ...

Digital Ghosting, The Third Step in Breach Readiness

Learn how Digital Ghosting and microsegmentation strategies can enhance cyber defense, boosting your organization's breach readiness. The post Digital Ghosting, The Third Step in Breach Readiness appeared first on ColorTokens. The post Digital ...

GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability

Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans. The post GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability appeared first on ...

Streamline SCA with Sonatype’s build-safe automation

As open source adoption accelerates across the enterprise, so too does its complexity. Development teams are building software with hundreds of components, each carrying its own risks, release cycles, and dependencies. The post Streamline SCA ...

LogonBox VPN 2.4.12 – Now Available

Introduction: LogonBox is pleased to announce the immediate availability of LogonBox VPN 2.4.12. This release includes performance improvements for large user counts, disabled account license changes, and retries for cloud-delivered OTP messages. ...