Application Security News and Articles
Apple has patched an exploited zero-day kernel vulnerability (CVE-2023-38606) in iOS, iPadOS, macOS, watchOS and tvOS. CVE-2023-38606 fix has been backported. In early July, Apple fixed an actively exploited zero-day vulnerability (CVE-2023-37450) ...
Thales has reached an agreement with Thoma Bravo for the acquisition of 100% of Imperva for an enterprise value of $3.6 billion. With this acquisition, Thales is taking its cybersecurity business to the next level. Imperva will enable growth in ...
An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government.
According to research by the Aite Group, financial institutions are facing a 64% uptick in account takeover attacks compared with before the pandemic. This number is expected to rise further as the digital ecosystem expands, enlarging the surface area ...
Cybersecurity is the practice of safeguarding systems, networks, and programmes from digital attacks. These cyberattacks are often aimed at accessing, changing, or destroying sensitive information, extorting money from users, or disrupting normal ...
Inside the Attacker’s Playbook: Unmasking the most common lateral movement techniques. Lateral movement techniques refer to the methods employed by attackers to move through a network, seeking to escalate privileges, access sensitive data, ...
[For some reason I posted this several months ago on my Dataholics blog, when this one might have been at least as obvious a place to put it. I haven’t anything new to say on the topic: I’m just putting it here for completeness.] There was ...
The growing use of APIs in various business areas exposes organizations to new security risks. An analysis of data breaches reveals that US companies could face losses ranging from $12.
The internet is vital in our digital age, offering unmatched connectivity and convenience in daily life. But the internet hides a secret world known as the Dark Web behind its surface. It becomes a place for illegal activities and spawns cyber ...
In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the integrity and protection of digital systems. To delve deeper into this ...
While technology advancements and distributed workforces have created efficiencies and flexibility for companies, they’ve also created overcomplexity, which can increase security risk. 53% of senior IT decision-makers say their IT environment ...
Despite mass adoption of generative AI, most companies don’t have a coordinated strategy for deploying it or know how to assess its security—exposing them to risks and disadvantages if they don’t change their approach, according to ...
In Q2 2023, GuidePoint Research and Intelligence Team (GRIT) tracked 1,177 total publicly posted ransomware victims claimed by 41 different threat groups. The most impacted industries: GRIT’s report shows a 38% increase in public ransomware ...
SINGAPORE, July 25, 2023 — LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced their partnership with Infoline Tec Group Berhad, an established IT ...
Apple patches another zero-day flaw used in the 'Operation Triangulation' exploit chain. iOS and macOS-powered devices are affected.
Let’s say you recently acquired a security information and event management (SIEM) solution and have a new layer of defense in the war against cybercriminals. What comes next? Gaining Quick Time to Value from Your Deployment. During the ...
Zenbleed (CVE-2023-20593) was announced today. This is a vulnerability affecting AMD processors based on the Zen2 microarchitecture (certain EPYC CPUs used in datacenter servers and Ryzen/Threadripper CPUs used in desktop/laptop computers). The ...
The average cost to an organization hit with a data breach reached a record high this year, though those companies are split on who they believe should foot the bill, according to a report released today by IBM.
Machine learning-based fraud decision engines are sometimes viewed as mysterious black boxes that only provide minimal insight into why a decision was made on a login or a transaction. It’s a valid concern; not all fraud solution providers ...
Google is rolling out a red team charged with testing the security of AI systems by running simulated but realistic attacks to uncover vulnerabilities or other weaknesses that could be exploited by cybercriminals.