Application Security News and Articles
Onyxia unveiled a AI-powered Cybersecurity Performance Management (CPM) platform, a vital management platform for security leaders to better measure the performance of their cybersecurity programs and reduce risk. By having real-time ...
An APT group linked to Russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with phishing attacks via Microsoft Teams, says Microsoft. A social engineering attack to bypass MFA protection “To ...
Fresh research showed critical infrastructure (CI) employees are more likely to recognize and report phishing and other malicious emails.
The post Critical Infrastructure Workers Better at Detecting Phishing appeared first on Security Boulevard.
Vulcan Cyber unveiled graph technology tool that will make it simpler to visualize cybersecurity attack paths and measure the impact those attacks might have on an organization.
The post Vulcan Cyber Adds Graph Tool to Better Manage Attack ...
Endor Labs raises $70 million in oversubscribed Series A financing from Lightspeed Venture Partners (LSVP), Coatue, Dell Technologies Capital, Section 32, and over 30 industry-leading CEOs, CISOs, and CTOs. Arif Janmohamed of Lightspeed, Sri ...
Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into benign mobile apps and evade security scanning tools. Google says it has updated its app malware detection ...
If you ask Alexa, Amazon’s voice assistant AI system, whether Amazon is a monopoly, it responds by saying it doesn’t know. It doesn’t take much to make it lambaste the other tech giants, but it’s silent about its own corporate parent’s ...
Torq announced an evolution of the Torq security Hyperautomation platform: Torq Socrates, cybersecurity’s Tier-1 analysis AI Agent. Torq Socrates is designed to transform security operations by using AI to hyperautomate key security operations ...
Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been rebranded to Ivanti Endpoint Manager Mobile (EPMM). “The ...
Deloitte and Palo Alto Networks announced a new product and service offering, Secure Software Development Lifecycle (SSDL), to help clients reduce “alert fatigue,” increase operational efficiency and decrease time to market. SSDL is a ...
Forty-two cybersecurity-related merger and acquisition (M&A) deals were announced in July 2023.
The post Cybersecurity M&A Roundup: 42 Deals Announced in July 2023 appeared first on SecurityWeek.
Google has paid out over $60,000 for three high-severity type confusion vulnerabilities in Chrome’s V8 engine.
The post Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update appeared first on SecurityWeek.
Threat actors have exploited a Salesforce zero-day vulnerability and abused Meta features in a sophisticated phishing campaign, according to web browsing security company Guardio. Attackers sent out legitimate-looking emails designed to lure ...
Articles related to cyber risk quantification, cyber risk management, and cyber resilience.
The post New SEC Cyber Requirements Unite Security Leaders and Business Stakeholders | Kovrr Blog appeared first on Security Boulevard.
Endor Labs has closed a massive $70 million Series A round of financing to fuel ambitious plans to build a dependency lifecycle management platform.
The post Software Supply Chain Startup Endor Labs Scores Massive $70M Series A Round appeared ...
Sophos released new findings on CryptoRom scams—a subset of pig butchering schemes designed to trick users of dating apps into making fake cryptocurrency investments. Since May, Sophos X-Ops has observed CryptoRom fraudsters refining their ...
CRLF (Carriage Return Line Feed) injection is a web application vulnerability that occurs when an attacker can inject malicious CRLF characters into an HTTP response. This vulnerability can lead to various security issues, such as HTTP header ...
Let's explore the bond between digital marketing and cybersecurity to ensure protection against cyber threats.
The post Digital Marketing Security: Dangerous Cyber Threats & Necessary Security Measures appeared first on Security Boulevard.
With the rise of ML, traditional red teams tasked with probing and exposing security vulnerabilities found themselves facing a new set of challenges that required a deep and comprehensive understanding of machine learning. Google’s recent ...
Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox environments that are easy to deploy and destroy. It is available on GitHub. ...
