Application Security News and Articles
The fast-evolving story of the compromise of voice over IP (VoIP) provider 3CX has refocused attention on the threat that software supply chain compromises pose. State-sponsored hackers tampered with 3CX’s desktop client, compromising the ...
Recent guidance from the Cybersecurity and Infrastructure Security Agency (CISA) about securing software by design and default has garnered praise from the security community.
The post CISA’s Security by Design for software development: ...
In an analysis of over 3,000 websites and over 100,000 associated webpages (using the client-side security scanning feature of Feroot Inspector) across 6 sectors, it was discovered that TikTok pixels/trackers were present on 7.41% of the analyzed ...
Analysis on 3,000 websites and over 100,000 associated webpages (using the client-side security scanning feature of Feroot Inspector) revealed that pixels/trackers are collecting and/or transferring data prior to the explicit consent (e.g., ...
The post Can the Open Source Community Save Europe from the Cyber Resilience Act? appeared first on Security Boulevard.
Cyborg Security is launching a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they come out of the ...
Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s YouTube channel.
The post USENIX Enigma 2023 – Lucy Simko, George Washington University ...
In a recent cautionary tale of the unintended consequences of AI, Samsung employees input confidential information into ChatGPT on three separate occasions over 20 days, resulting in the leaking of customer data, a recording of a sensitive ...
We are thrilled to kick off the 2023 RSA Conference with two award wins from Cyber Defense Magazine (CDM): Most Comprehensive Insider Threat Prevention and Best Product Data Loss Prevention (DLP). This is the third consecutive year DTEX has been ...
Many organizations have treated FIM as shelfware for years.
The post FIM is Dead, Long Live (Next-Gen) FIM appeared first on Security Boulevard.
Cybersecurity firm Aadya has raised $5 million in Series A funding for its all-in-one platform tailored for small and mid-sized businesses.
The post Aadya Raises $5 Million for SMB-Focused Security Platform appeared first on SecurityWeek.
Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic.
Jim Dempsey, one of the workshop organizers, wrote a blog post on the report:
As a ...
Whenever a data breach takes place involving an entity you are involved with, you should know all the details, particularly involving what data points were compromised in the incident. Depending on the data that was exposed, your next course of ...
Chinese APT Evasive Panda has been observed targeting local members of an international NGO with the MgBot backdoor, delivered via legitimate software updates.
The post Chinese Cyberspies Delivered Malware via Legitimate Software Updates appeared ...
RSA Conference 2023 is taking place at the Moscone Center in San Francisco. Check out our microsite for the conference for all the most important news. The Early Stage Expo is an innovation space dedicated to promoting up-and-comers in the ...
The data tells a compelling story for buyers worldwide: Across all industries surveyed, the most common attack methods in 2022 were stolen credentials, ransomware and phishing. And attackers are typically targeting payment data, personally ...
Skyhigh Security announced the addition of several new capabilities to its Security Service Edge (SSE) portfolio at RSA Conference 2023. The features and functionality converged in the Skyhigh Cloud Platform reinforce Skyhigh Security’s mission ...
A new piece of malware named Atomic macOS Stealer (AMOS), offered for $1,000 per month, offers a wide range of data theft capabilities.
The post New ‘Atomic macOS Stealer’ Malware Offered for $1,000 Per Month appeared first on ...
SecurityWeek editor-at-large Ryan Naraine expects to see an explosion of well-capitalized startups promising to protect AI machine learning models behind enterprise products.
The post Innovation Sandbox: Cybersecurity Investors Pivot to ...
On April 19, 2023, the Supreme Court heard oral arguments in the case of Counterman v. Colorado, a case readdressing the question of the mental state the government has to demonstrate to convict a person for making online threats. Specifically, ...