Application Security News and Articles


Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability

Multiple DDoS botnets have been observed targeting CVE-2023-28771, a Zyxel firewall vulnerability patched in April. The post Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability appeared first on SecurityWeek.

Why Adversaries Hate Banyan SSE

Banyan Security’s mission has been the same since day one: enable the modern workforce to securely, safely, and easily access the applications and services they need, while working from anywhere. This means the good guys get access to what is ...

Beyond Technology: The Crucial Role of Culture in a CISO’s Realm

While technology still plays a vital role in job success, it's just as essential for a CISO to foster a strong security culture. The post Beyond Technology: The Crucial Role of Culture in a CISO’s Realm appeared first on Security Boulevard.

Impinj M800 series RAIN RFID tag chips advance item connectivity for enterprise IoT deployments

Impinj released the Impinj M800 series RAIN RFID tag chips to meet enterprise needs for item connectivity in global IoT deployments. The new M800 series delivers readability in enterprise deployments and offers enhanced tag reliability and ...

IoT Email Authentication: Why It Matters

Internet of Things (IoT) email authentication is becoming ... The post IoT Email Authentication: Why It Matters appeared first on EasyDMARC. The post IoT Email Authentication: Why It Matters appeared first on Security Boulevard.

Securing the Agile Journey: A Guide to Successful DevSecOps Implementation Hands-On (Part-1)

Weaving security into every process. Continue reading on Simform Engineering »

P2PInfect: New Peer-to-Peer Worm Targeting Redis Servers

The Rust-based peer-to-peer worm ‘P2PInfect’ is targeting a Lua sandbox escape vulnerability in internet-accessible Redis servers. The post P2PInfect: New Peer-to-Peer Worm Targeting Redis Servers appeared first on SecurityWeek.

Achieving Cloud Compliance: How Solvo Simplifies and Strengthens Your Security Posture Automatically

Compliance with information security and privacy regulations is a critical concern for organizations operating in cloud-native environments. The speed and frequency of changes in these dynamic environments pose a challenge, as misconfigured ...

10 Steps to Help Secure Your APIs

Securing APIs is a noble, though complex journey. Security teams can leverage these 10 steps to help secure their APIs. The post 10 Steps to Help Secure Your APIs appeared first on SecurityWeek.

New Ransomware With RAT Capabilities Impersonating Sophos

The recently discovered SophosEncrypt ransomware is impersonating the cybersecurity firm Sophos. The post New Ransomware With RAT Capabilities Impersonating Sophos appeared first on SecurityWeek.

Adobe ColdFusion Vulnerabilities Exploited in Wild

Adobe ColdFusion, a popular web development platform, has been targeted by malicious actors exploiting the recently disclosed vulnerabilities, including severe CVE-2023-29300. The exploit has been observed in the wild, posing. The post Adobe ...

5 Challenges Of Managing Digital Certificates In The Kubernetes Environment

Organizations are embracing new cloud-native container services to deliver applications faster and boost business agility. The adoption of containers and container-orchestration systems like Kubernetes has been fueled by the shift towards modern, ...

Microsoft Exchange servers compromised by Turla APT

Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret ...

Cerbos Cloud enhancements simplify authorization management for developers

Cerbos is adding major new features to Cerbos Cloud based on beta user feedback. Cerbos Cloud was first introduced in April and is currently in private beta. “I’m impressed by Cerbos Cloud’s architecture, featuring a hosted ...

Why Generative AI is a Threat to API Security

Generative AI can be used to amplify cybercriminals' nefarious deeds against web applications, especially those that rely heavily on APIs. The post Why Generative AI is a Threat to API Security appeared first on Security Boulevard.

Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy

The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” Lots of interesting bits. So far, at least three trends emerge: First, the plan contains a ...

DataVisor collaborates with Q6 Cyber to enhance fraud detection capabilities

DataVisor announced a partnership with Q6 Cyber to centralize relevant threat intelligence data in a single platform to increase fraud detection accuracy. Q6 Cyber’s proprietary threat intelligence enriches DataVisor’s existing fraud signals, ...

Made-In-China Hack Infiltrates the US Government

A hacking campaign, which began in mid-May, saw Chinese hackers infiltrating US government email accounts, including those of federal agencies such as the State Department and the Department of Commerce. While the breach campaign impacted ...

Thanks Storm-0558! Microsoft to expand default access to cloud logs

Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have ...

Quarterly GRIT Ransomware Report – Q2 2023

With the second quarter of 2023 behind us, it’s time to talk about GRIT’s findings from April, May, and June. […] The post Quarterly GRIT Ransomware Report – Q2 2023 appeared first on Security Boulevard.