Application Security News and Articles
via the comic artistry and dry wit of Randall Munroe, resident at XKCD!
Permalink
The post Randall Munroe’s XKCD ‘Taxiing’ appeared first on Security Boulevard.
A decade-long data breach in Toyota’s online service put some information on more than 2 million vehicles at risk.
The post Toyota: Data on More Than 2 million Vehicles in Japan Were at Risk in Decade-Long Breach appeared first on SecurityWeek.
Insight #1
"Privacy is becoming a problem for many organizations. In a 2023 report by IAPP, 80% of consumers sometimes or always stop doing business with a company after a breach."
Insight #2
"We need to start treating all ...
Key Points
CryptNet is a new ransomware-as-a-service that has been advertised in underground forums since at least April 2023
The CryptNet threat group claims to perform double extortion attacks by combining data exfiltration with file ...
A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks.
The post WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers appeared first on SecurityWeek.
Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.
Permalink
The post USENIX Enigma 2023 – Moderator: Melanie Ensign, Panelists: Joseph ...
DTEX offers partners an opportunity to provide insider risk management services to customers with an easy assessment to get started.
The post DTEX Insider Risk Assessment Development Strategy for Partners appeared first on DTEX Systems Inc.
The ...
Ted Chiang has an excellent essay in the New Yorker: “Will A.I. Become the New McKinsey?”
The question we should be asking is: as A.I. becomes more powerful and flexible, is there any way to keep it from being another version of McKinsey? ...
OneTrust announces new innovations across the Trust Intelligence Platform to help organizations responsibly use data and drive trust intelligence at scale. As companies tackle the challenges of data sprawl, OneTrust’s enhancements provide ...
Spanish authorities have announced the arrest of 40 individuals for their roles in a group involved in bank fraud, identity theft, and money laundering.
The post Spain Arrests Hackers in Crackdown on Major Criminal Organization appeared first on ...
AI Spera announced a data-sharing partnership agreement between its flagship search engine, Criminal IP, and DNS0.EU. This strategic collaboration makes perfect sense, as both entities share a common objective of providing the utmost protection ...
The era of remote work was the catalyst for many workplace changes. As businesses navigate this landscape, IT systems are subject to a sudden increase in cybersecurity attacks. This further encouraged IT leaders to dive deeper into their security ...
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
The post How to Handle Secrets in Terraform appeared first on Security Boulevard.
SentinelOne sees multiple threat groups adopting the leaked Babuk source code to build their own VMware ESXi lockers.
The post Leaked Babuk Code Fuels New Wave of VMware ESXi Ransomware appeared first on SecurityWeek.
Enterprise companies are increasing spending on software-as-a-service (SaaS) tools to enhance employee productivity and drive digital transformation projects. In doing so, IT teams are facing new challenges to ensure the right level of access to ...
Rockwell Automation customers have been informed about potentially serious vulnerabilities in several products, shortly after news of an investigation into the firm’s China operations.
The post Organizations Informed of Over a Dozen ...
CISA and FBI have observed a ransomware gang exploiting a recent PaperCut vulnerability in attacks targeting the education facilities subsector.
The post CISA, FBI: Ransomware Gang Exploited PaperCut Flaw Against Education Facilities appeared ...
Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 ...
France's privacy watchdog doled out further penalties to US firm Clearview AI for failing to pay a 20-million-euro fine imposed last year over data breaches.
The post France Punishes Clearview AI For Failing To Pay Fine appeared first on ...
What is a Material Weakness in SEC filings and how to prevent itIn the first quarter of 2023, material weaknesses increased by 25%. For businesses, there's no greater alarm than a material weakness. Even the possibility of a material weakness can ...
