Application Security News and Articles
Maven Central Repository has made the biggest change to its platform since its inception.
Hosted by Sonatype, Maven Central Repository is one of the largest Java repositories in the world. It has helped countless Java developers download and ...
“Zero Trust” is a cybersecurity framework and philosophy that assumes no user, device, or network can be inherently trusted. Instead, it requires the verification of every user and device attempting to access resources on a network, ...
When it comes to business operations, it would be nice if we could house everything neatly under one roof. But unless you have the financial muscle of a global corporation like Ford or Amazon, it’s not always possible. As such, we may find ...
We’ve already had the first major API-related cybersecurity incidents for 2023. The T-Mobile API breach exposed the personally identifiable information (PII) of 37 million customers. The API attack had been going on since November but was not ...
SecurityScorecard is offering free digital forensics and incident response (DFIR) services to customers that have scored an ‘A’ rating if they have been breached.
The post SecurityScorecard Guarantees Accuracy of Its Security Ratings appeared ...
OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an actively exploited vulnerability.
The post ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable ...
Semiconductors had their moment in the spotlight during the worst of the pandemic-induced supply chain disruptions. The shortage of semiconductors wreaked havoc on the industries that rely on them, opening up devices to potential threats. “The ...
Apple has released security updates for – pardon the pop-culture reference – everything everywhere all at once, and has fixed the WebKit vulnerability (CVE-2023-23529) exploited in the wild for users of older iPhones and iPads. This ...
Ransomware, or malicious malware designed to shut down or block access to vital business data until ransom fees are paid, continues to disrupt organizations worldwide. In recent years, it’s become clear that every business, regardless of ...
Australian financial services provider Latitude says roughly 14 million user records were stolen in a recent cyberattack.
The post 14 Million Records Stolen in Data Breach at Latitude Financial Services appeared first on SecurityWeek.
The UK’s National Crime Agency has been running several DDoS-for-hire websites to collect information about individuals looking to launch such attacks.
The post Thousands Access Fake DDoS-for-Hire Websites Set Up by UK Police appeared first on ...
In the continuous integration (CI)/continuous delivery (CD) pipeline, one of the key ingredients to add to the pot is software composition analysis (SCA), an automated process that identifies the open source software in a codebase. We know that app ...
Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.
The post iOS Security Update Patches Exploited Vulnerability in Older iPhones appeared first on SecurityWeek.
Check out our latest roundup highlighting newly added and updated coverage for several ransomware and malware variants, including BlackLotus malware, HardBit ransomware amongst others.
The post Hacker’s Playbook Threat Coverage Roundup: March ...
With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from various departments of Europol. These workshops aimed to investigate ...
In today’s world, where people spend a significant portion of their time online, cyber threats are becoming increasingly sophisticated and dangerous. One such threat is “PasteJacking or clipboard hijacking.” It is a type of ...
Imagine being a young person who wants a career, of whatever type you can find, as a cybersecurity professional.
Although you were born with an agile and analytical mind, you have very ...
Broken Object Level Authorization (BOLA) is the #1 vulnerability in the OWASP API Security Project’s API Security Top Ten in 2019. Using BOLA, an attacker exploits a vulnerable API endpoint by manipulating ...
What were the most notorious hacks in history? They’re subject to debate, but we bring you 27 of them, which would be strong candidates for the title.
The post 23 Most Notorious Hacks History that Fall Under OWASP Top 10 appeared first on ...
Cyberattacks tend to come from two angles: criminals take advantage of employees with privileged access or of security weaknesses in your hardware/software infrastructure. These broad categories encompass attack vectors such as phishing, ...