Application Security News and Articles


EPA Memorandum Directs Public Water Systems to Survey OT/ICS Cybersecurity

Water is one of the most abundant and precious resources on Earth, yet the increasingly digital and networked operations that supply clean and safe drinking water have experienced some neglect when it comes to modern day cybersecurity best ...

Cyberattack Hits Major Hospital in Spanish City of Barcelona

A ransomware attack on one of Barcelona’ s main hospitals has crippled the center’s computer system and forced the cancellation of non-urgent operations and patient checkups. The post Cyberattack Hits Major Hospital in Spanish City of ...

Benefits of Data Fabric for Compliance

How can Compliance leaders utilize data effectively to scale their businesses? Join anecdotes and explore the benefits of data fabric for GRC professionals. The post Benefits of Data Fabric for Compliance appeared first on Security Boulevard.

Voice-Clone AI Scams — it’s NOT ME on the Phone, Grandma

Voice AI tech being misused by scammers: Scrotes fake your voice and call your grandparents. Then “you” beg them for money. The post Voice-Clone AI Scams — it’s NOT ME on the Phone, Grandma appeared first on Security Boulevard.

VMware NSX Manager vulnerabilities being actively exploited in the wild

The Wallarm Detect team has found exploit attempts in the wild of CVE-2022-31678 and CVE-2021-39144. The original vulnerabilities were found in VMware NSX Manager at the end of last year, and can lead to remote code execution (RCE) by ...

Police Looking for Russian Suspects Following DoppelPaymer Ransomware Crackdown

Several locations in Germany and Ukraine were raided recently as part of an international law enforcement operation targeting the DoppelPaymer ransomware. The post Police Looking for Russian Suspects Following DoppelPaymer Ransomware Crackdown ...

Randall Munroe’s XKCD ‘Obituary Editor’

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! Permalink The post Randall Munroe’s XKCD ‘Obituary Editor’ appeared first on Security Boulevard.

Identity verification in today’s digital-first era

The identity verification market was valued at $11B in 2022. It’s anticipated that in the... The post Identity verification in today’s digital-first era appeared first on Entrust Blog. The post Identity verification in today’s digital-first ...

ZTNA and the Death of the Network Perimeter

Tony Bradley Editor-in-Chief at TechSpective     Zero trust network access (ZTNA) is becoming increasingly relevant as the concept of the perimeter, and the traditional “castle-and-moat” mentality of cybersecurity, becomes obsolete. The ...

USENIX Security ’22 – Shravan Srinivasan, Alexander Chepurnoy, Charalampos Papamanthou, Alin Tomescu, Yupeng Zhang – ‘Hyperproofs: Aggregating and Maintaining Proofs in Vector Commitments’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Shravan Srinivasan, Alexander ...

Business-grade routers compromised in low-key attack campaign

An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed HiatusRAT) and a packet capturing program. “The impacted models are ...

Prioritizing AWS Vulnerabilities With Sonrai Identity Insights

Reading Time: 5 minutes Vulnerability management is nothing new to the cybersecurity world, but the paradigms, practices and solutions built for on-prem management are not holding up in the cloud. This calls for a new approach to vulnerability ...

6 Ways to Vet Your Next ASM Vendor

Attack surface management (ASM) is a critical security function, and the market for ASM solutions is growing rapidly. However, with the evolution to ASM 2.0, the process of selecting a new ASM vendor can be confusing. This article will outline ...

New ATM Malware ‘FiXS’ Emerges

Metabase Q documents FiXS, a new malware family targeting ATMs in Latin America. The post New ATM Malware ‘FiXS’ Emerges appeared first on SecurityWeek.

New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems. The post New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems appeared first on ...

Find More Secrets with Nosey Parker v.0.12.0

On March 2, 2023, we issued some updates to our secrets sniffing tool, Nosey Parker, which has been available as an Apache 2-licensed open-source project since December 2022. We originally developed the full version to embed in Chariot, our ...

5 Tactical Tips For Security Teams Using AWS

Security teams face new and unique challenges as they move their workloads to AWS. Legacy SIEM solutions were not built for the cloud, and as a result, they are often unable to keep up with the speed and scale of AWS. This can leave your ...

The State of the Security Team

The success of the cybersecurity team requires support across the entire organization. LogRhythm’s 2022 State of the Security Team global research report, provides insightful statistics regarding the current stressors security professionals ...

European Police, FBI Bust International Cybercrime Gang

Authorities disrupted an international cybercrime gang which has been blackmailing large companies and institutions for years. The post European Police, FBI Bust International Cybercrime Gang appeared first on SecurityWeek.

Adaptable ‘Swiss Army Knife’ Malware a Growing Threat

There is a worrying rise in multipurpose malware, which can perform a variety of malicious actions and is adept at evasion, lateral movement and data encryption. These were among the findings of a report from Picus, a security company ...