Application Security News and Articles


Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App

3CX hack is the first known cascading supply chain attack, with the breach starting after an employee downloaded compromised software from a different firm.

Cisco Patches Critical Vulnerabilities in Industrial Network Director, Modeling Labs

Cisco this week released patches for critical-severity vulnerabilities impacting its Industrial Network Director and Modeling Labs applications.

Air Force Unit in Document Leaks Case Loses Intel Mission

The Air Force is investigating how a lone airman could access and distribute possibly hundreds of highly classified documents, and in the meantime has taken away the intelligence mission from the unit where the leaks took place.

UK Warns of Russian Hackers Targeting Critical Infrastructure

The UK government's information security arm warns of Russian state-aligned groups aiming to disrupt and destroy critical infrastructure in Western countries.

PaperCut Warns of Exploited Vulnerability in Print Management Solutions

Print management solutions provider PaperCut warns that exploitation of a recently patched vulnerability has commenced. The post PaperCut Warns of Exploited Vulnerability in Print Management Solutions appeared first on SecurityWeek.

Fortra Completes Investigation Into GoAnywhere Zero-Day Incident

Fortra has shared a summary of its investigation into the GoAnywhere zero-day incident that hit dozens of the company’s customers earlier this year.

DC Health Link Data Breach Blamed on Human Error

The recent data breach of personal information for thousands of users of Washington D.C.’s health insurance exchange, including members of Congress, was caused by basic human error.

The biggest data security blind spot: Authorization

Too many people have access to company data they don’t need. Also, too many companies focus on authentication (verifying identity) as a security measure and overlook the importance of authorization (verifying right to access). While ...

How companies are struggling to build and run effective cybersecurity programs

A recent Code42 report reveals a rapidly growing number of inside risk incidents and a concerning lack of training and technology, further exacerbated by increasing workforce turnover and cloud adoption. In this Help Net Security video, Joe ...

CISOs struggling to protect sensitive data records

Almost all IT and security leaders (96%) globally are concerned their organization will be unable to maintain business continuity following a cyberattack, according to Rubrik. Data security is becoming increasingly complex Data security is ...

Outdated cybersecurity practices leave door open for criminals

Organizations experienced a significant increase in ransomware, from an average of four attacks over five years in 2021 to four attacks over the course of one year in 2022, according to ExtraHop. Of those who fell victim, 83% admitted to ...

IT and business services market shows resilience with positive growth outlook

Worldwide IT and business services revenue is expected to grow (in constant currency) from $1.13 trillion in 2022 to $1.2 trillion in 2023, or 5.7% year-over-year growth, according to IDC. In nominal dollar-denominated revenue based on ...

Picus Security expands its CTEM solution with CAASM and CSPM capabilities

Picus Security has announced the expansion of its continuous threat exposure management (CTEM) solution to help CISOs better answer the question: “what is our cyber risk?”. The company’s new capabilities – Picus Cyber Asset Attack Surface ...

NICE Actimize launches SAM-10 to detect suspicious activity while reducing false positives

NICE Actimize has launched its Suspicious Activity Monitoring (SAM-10) solution. Built to detect more suspicious activity while reducing false positives, NICE Actimize’s SAM-10 introduces enhancements to its anti-money laundering solution, ...

Venafi Firefly enhances the security of machine identities for cloud-native applications

Venafi has introduced Venafi Firefly, the lightweight machine identity issuer that supports highly distributed, cloud native environments. Part of the Venafi Control Plane for Machine Identities, Firefly enables security teams to easily and ...

Daon unveils TrustX platform for identity proofing and authentication

Daon has unveiled TrustX, its next-generation cloud-based platform for identity proofing and authentication to support the creation and deployment of user journeys across their entire digital identity lifecycle. Daon TrustX is optimized by ...

VMware Cross-Cloud managed services helps customers secure multi-cloud environments

VMware has unveiled VMware Cross-Cloud managed services, a set of prescriptive offers with enhanced partner and customer benefits that will enable skilled partners to expand their managed services practices. Cross-Cloud managed services will make ...

Tentacle AI Control Mapping enables organizations to centralize security information

Tentacle has announced Tentacle AI Control Mapping, a machine learning and natural language processing-fueled feature expected to transform an organization’s ability to centralize and leverage critical cyber security information. AI Control ...

Digi WAN Bonding delivers bonded Gigabit internet speeds and improved connection reliability

Digi International has released its latest value-added service — Digi WAN Bonding — to deliver true Gigabit speeds for enhanced network performance. This solution, which is fully integrated into the Digi technology stack, also improves ...

Oracle updates Fusion Cloud Applications Suite with automation capabilities

Oracle is introducing new capabilities across Oracle Fusion Cloud Applications Suite that help customers accelerate supply chain planning, increase operational efficiency, and improve financial accuracy. The updates include new planning, usage ...