Application Security News and Articles
The industry’s first-ever directory of virtual CISO (vCISO) service providers has gone live. This list of vCISO providers means that SMBs can tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure ...
In recent years there’s been a rise in “API Abuse” attacks, which includes detrimental automated behaviors such as malicious bots, account takeover (ATO), credential stuffing, application layer (L7) DDoS, data scraping, and more. For ...
A security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure.
The post PoC Exploit Published for Cisco AnyConnect Secure Vulnerability appeared ...
Keeping organizations safe from cybercriminals is a constant cat-and-mouse game of developing better defenses only to have attackers discover new ways around that defense. This struggle is most apparent in defending against hidden threats in ...
The SafeBreach Labs team uncovers a vulnerability in a popular HR information system. See their process and how it is mitigated.
The post HiBob – Can You Please Share Customers’ Data? appeared first on SafeBreach.
The post HiBob – Can You ...
Incorporating Red Zone threat intelligence into your security strategy will help you stay on top of the latest threats and better protect your organization.
The post The Benefits of Red Zone Threat Intelligence appeared first on SecurityWeek.
This week, researchers at Group-IB discovered that upwards of 100,000 ChatGPT user accounts were up for sale on the dark web market over the last year. The type of malware used to gain stolen credentials is known as information-stealing malware. ...
There is a lot of talk about building an effective cybersecurity program, with security analysts recommending that your organization strive for cybersecurity maturity. But what do they mean by maturity, and what is the role of the SOC in reaching ...
In the world of modern application development, Kubernetes is the de facto container orchestration platform. It helps platform and development teams manage applications and services in distributed environments reliably and at scale. However, to ...
Today we’re pleased to announce an integration partnership with HacWare that empowers MSPs and other technology providers to easily deliver cybersecurity awareness training to clients that must meet compliance requirements.
The post ...
A new bill proposes to increase cybersecurity funding for rural water systems by $7.5 million dollars per year.
The post Bipartisan Bill Proposes Cybersecurity Funds for Rural Water Systems appeared first on SecurityWeek.
Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko and Boris Larin ...
The global financial sector stands as a crucial pillar, driving the world economy, but it increasingly relies on digitization and large-scale data ingestion. The heart of its operations is the ceaseless influx of processed, analyzed, and stored ...
Prime Day is Amazon’s largest, most highly anticipated retail event, often thought as bigger than Cyber Monday and Black Friday combined. Shoppers enjoy two days of special sales, this year running from July 11th-12th, on everything from Amazon ...
Unleashing the Power of Digital Transformation: Digital transformation encompasses a range of strategies and technologies aimed at leveraging digital advancements to optimize processes, enhance customer experiences, and drive business growth. ...
ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer that question. Can ChatGPT detect phishing sites based on URLs? Kaspersky researchers tested 5,265 (2322 ...
Infosecurity Europe is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. The first gallery is available here, and the second gallery is here. Here’s a closer look at the conference featuring: Swimlane, ...
Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the competition. As enterprises look to secure cloud-native environments, open ...
Not only are macroeconomic headwinds causing more significant stress for security and DevOps teams, but the increasing number of threats against shrinking teams is causing an uneven playing field. In this Help Net Security video, Ev Kontsevoy, ...
In today’s interconnected world, telecom companies serve as gateways, connecting individuals, businesses, and governments. However, this role also makes them prime targets for cyberattacks. From DDoS attacks to sophisticated spyware ...
