Application Security News and Articles
A survey of 1,520 cybersecurity and IT leaders published today found more than half (52%) reporting their organization suffered a data breach in the past two years, with 62% experiencing monthly unplanned downtime attributable to a cybersecurity ...
Our thanks to USENIX for publishing their presenters’ outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.
The post USENIX Security ’22 – Yuvraj Patel, Chenhao Ye, Akshat ...
Interview with Ginny Wright, Program Director at Idaho National Lab, and Marc Sachs, former White House Advisor and Deputy Director for Research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security
The change management process provides a higher level of control and consistency within the Software Development Life Cycle (SDLC).
The post Change Management and the SDLC appeared first on Scytale.
Updating your data security policy isn't just a smart way to mitigate risks, it's necessary for compliance. If your policy is severely out-of-date, your human, technology, and regulatory risks may have skyrocketed.
The post Updating Your Data ...
CISA has added to its Known Exploited Vulnerabilities catalog a Zimbra vulnerability exploited in attacks targeting NATO countries.
The post Zimbra Flaw Exploited by Russia Against NATO Countries Added to CISA ‘Must Patch’ List ...
California startup Trustle banks a $6 million seed round to join the competitive cloud access management technology space.
The post Trustle Raises $6M Seed Funding for Access Management Tech appeared first on SecurityWeek.
The UK’s data protection regulator fined TikTok £12.7 million for “failing to use children’s personal data lawfully.”
The post TikTok’s Trials and Tribulations Continue With UK Data Protection Fine appeared first on SecurityWeek.
Tel Aviv- and Boston-based CardinalOps has extended its detection posture management capability with MITRE ATT&CK Security Layers.
The post CardinalOps Extends MITRE ATT&CK-based Detection Posture Management appeared first on SecurityWeek.
Radware and Cisco have expanded their partnership with an announcement that is good news for Cisco’s customers and bad news for DDoS threat actors. Cisco, the worldwide leader in technology that powers the internet, has added Cisco® Secure ...
How businesses and home users can make improvements to protect themselves. The number of stories in the mainstream press about the devastation that hackers cause is proof enough as to who has the upper hand in the cyber war today. But there is ...
At Praetorian, we firmly believe that the most effective way to secure your systems is to look at them through an offensive lens. After all, when you view yourself the same way an attacker does, you get a better understanding of which defenses ...
Sysdig today published a report that described how cybercriminals are exploiting the Log4j vulnerability to gain access to IP addresses that are then sold to entities that resell them. Dubbed proxyjacking, the attacks enable cybercriminals to ...
The White House and TikTok’s critics in Congress have made it clear: They consider TikTok a dangerous social media app and national security threat. Throughout the March 23, 2023, congressional hearing, TikTok CEO Shou Zi Chew defended the ...
The sophisticated, self-propagating Rorschach ransomware is one of the fastest at encrypting victims’ files.
The post Self-Propagating, Fast-Encrypting ‘Rorschach’ Ransomware Emerges appeared first on SecurityWeek.
When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been exploited in the wild “in very limited attacks.” Were your servers ...
A data breach is when sensitive, protected, or confidential information is accessed, stolen, or exposed by an unauthorized individual or group. These incidents can occur in various ways, such as hacking, theft, or human error. More than 4.2 ...
No one wants a repeat of the SUNBURST cyberattack, but without any action to improve cybersecurity within the software supply chain, another SUNBURST—or worse—attack is inevitable. And we still may see a devastating attack that takes down ...
Are you ready to take your threat hunting skills to the next level? Learning to threat hunt can be challenging, but it doesn’t have to be. That’s why Cyborg Security is excited to announce another first-of-its-kind interactive threat hunting ...
NATO is looking for penetration testing vendors to assess the security of its internet-facing web assets.
The post NATO Seeks Contractors to Test Security of Web Assets appeared first on SecurityWeek.