Application Security News and Articles
ConnectSecure is adding deep attack surface scanning and the Exploit Prediction Scoring System (EPSS) to its cybersecurity platform for managed service providers (MSPs) that protect small and midsize businesses. The new capabilities will be fully ...
Chrome 114 stable brings 18 security fixes, including 13 for vulnerabilities reported by external researchers.
The post Chrome 114 Released With 18 Security Fixes appeared first on SecurityWeek.
A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.
The post Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards appeared first on SecurityWeek.
Cybersecurity is full of acronyms. So many, in fact, that I would be hard-pressed to find someone who knows what they all stand for or clearly explain the subtle differences between many of them. Let’s not forget to mention the cybersecurity ...
PingSafe launched KSPM module to provide an end-to-end security solution that encompasses the entire container lifecycle, from development to production, helping organizations securely navigate the dynamic landscape of container orchestration. By ...
This September organizations in Quebec will face stiff penalties if found non-compliant with Law 25 (previously Bill 64). Here’s what you need to know to ensure compliance.
The post How to Comply with Quebec Privacy Law Bill 25 appeared first ...
Hitachi Vantara introduced Hitachi Data Reliability Engineering (DRE), a suite of consulting services helping organizations improve the quality and consistency of business-critical data. Amid a surge of data from connected devices and ...
When teams have a way to break down enterprise silos and see and understand what is happening, they can improve protection across their increasingly dispersed and diverse environment.
The post Breaking Enterprise Silos and Improving Protection ...
As the pace of application development accelerates, IT and security teams are losing faith in old application security (AppSec) tools. Legacy tools can’t keep up and are stuck in a perpetual game of catch-up, according to a Backslash survey of ...
Ping Identity announced PingOne Protect, a new fraud detection and risk management service to prevent account takeover and fake accounts while solving multi-factor authentication (MFA) fatigue for end users. PingOne Protect takes a unique ...
Since a lot of our customers build and run their applications in AWS, our partnership and joint solution delivery with AWS provides enormous value. We’re excited to share that we’ve deepened our ties to AWS in two compelling ways, by ...
Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. About the vulnerability (CVE-2023-27988) The vulnerability was discovered ...
Security researchers have discovered spyware code in 101 Android applications that had over 421 million downloads in Google Play.
The post Spyware Found in Google Play Apps With Over 420 Million Downloads appeared first on SecurityWeek.
Netskope announced an integration between Netskope’s Intelligent Security Service Edge (SSE) platform and Amazon Security Lake from AWS. Amazon Security Lake is a service that automatically centralizes an organization’s security data ...
Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s worth of APT campaign data they collected from the 200,000+ SMBs that ...
Mirantis announced Lens Control Center, to enable large businesses to centrally manage Lens Pro deployments by standardizing configurations, consolidating billing, and enabling control over outbound network connections for greater security. Over ...
A decade-old critical vulnerability in Jetpack was force-patched on five million WordPress sites over the past few days.
The post Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability appeared first on SecurityWeek.
The recently discovered Barracuda zero-day vulnerability CVE-2023-2868 has been exploited to deliver malware and steal data since at least October 2022.
The post Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery ...
NEW YORK, May 31, 2023 – Rezilion, an automated software supply chain security platform, today announced the release of its new Smart Fix feature in the Rezilion platform, which offers critical guidance so users can understand the most ...
As a part of our mission to improve and accelerate software supply chain security, today we are pleased to unveil Rezilion’s new Smart Fix feature. Vulnerabilities can pose significant risks to organizations, and we all know it’s vital that ...
