Application Security News and Articles


Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

Play ransomware operators have leaked data allegedly stolen from the City of Oakland last month. The post Ransomware Operators Leak Data Allegedly Stolen From City of Oakland appeared first on SecurityWeek.

BetterHelp Shared Users’ Sensitive Health Data, FTC Says

The online counseling service BetterHelp has agreed to return $7.8 million to customers to settle with the Federal Trade Commission for sharing health data it had promised to keep private The post BetterHelp Shared Users’ Sensitive Health ...

Law enforcement teams score major win against DoppelPaymer ransomware gang

In a joint effort, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces on February 28, 2023, to take down the masterminds behind a notorious criminal organization responsible for unleashing ...

Cybercrime Marketplace Leaks Over 2.1 Million Payment Cards

Carding marketplace BidenCash last week released information on more than 2.1 million credit and debit cards. The post Cybercrime Marketplace Leaks Over 2.1 Million Payment Cards appeared first on SecurityWeek.

557 CVEs Added to CISA’s Known Exploited Vulnerabilities Catalog in 2022

There are nearly 900 vulnerabilities in CISA's Known Exploited Vulnerabilities (KEV) catalog, including nearly 100 discovered in 2022. The post 557 CVEs Added to CISA’s Known Exploited Vulnerabilities Catalog in 2022 appeared first on ...

In the News | What Is Third-Party Risk, and What Do Schools Need to Know?

This article was originally published in EdTech Magazine on 2.24.23 by Rebecca Torchia K–12 IT teams must analyze how applications use and store data to protect themselves and their students from cyberattacks Between the federal government’s ...

How Much Does A SOC 2 Audit Cost? [Not expensive]

Let's face it SOC 2 audits can cost a lot and take too much time. Read how anecdotes saves you time and makes your SOC 2 audit cost less! The post How Much Does A SOC 2 Audit Cost? [Not expensive] appeared first on Security Boulevard.

Cybersecurity M&A Roundup: 35 Deals Announced in February 2023

Thirty-five cybersecurity-related M&A deals were announced in February 2023 The post Cybersecurity M&A Roundup: 35 Deals Announced in February 2023 appeared first on SecurityWeek.

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly available. Patches for the flaw – which affects a wide variety ...

Advanced control analytics for retail

Advanced Control Analytics in retail: going to market smarterFew other industries are as full of constant change and challenge as retail. In 2023, the retail industry is experiencing market volatility, supply chain constraints, and omnichannel ...

Critical Vulnerabilities Allow Hackers to Take Full Control of Wago PLCs

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs). The post Critical Vulnerabilities Allow Hackers to Take Full Control of Wago PLCs appeared first on SecurityWeek.

Merchant Onboarding Made Easy: Benefits of Using a KYC API

Onboarding merchants is crucial for ongoing development if you’re a merchant acquirer or payment service provider (PSP). Of course, you want more businesses since they generate more sales. On the other hand, bringing on dubious merchants that ...

6 cybersecurity and privacy Firefox add-ons you need to know about

In today’s digital age, cybersecurity and privacy have become major concerns for internet users. With the increase in cyber attacks and data breaches, it is vital to protect your online privacy and security. One way to do this is by using ...

How to achieve and shore up cyber resilience in a recession

Today’s business leaders are grappling with two opposing challenges. On the one hand, present day global economic and recessionary pressures mean spending policies need to be reviewed and cash reserves built up. On the other hand, the volume ...

XIoT risk and the vulnerability landscape

Recently, Claroty released its State of XIoT Security Report, which shares analyses of publicly disclosed vulnerabilities affecting operational technology (OT), internet of things (IoT) devices, and most recently, the internet of medical things ...

The LastPass Attack Gets Worse, What is Gamification, Signal’s Encryption Standoff

Popular password manager LastPass suffered a second attack that lasted for over two months. Now new and disturbing information is being released about the attack. Scott discusses the benefits and challenges of using gamification in security ...

Popular fintech apps expose valuable, exploitable secrets

92% of the most popular banking and financial services apps contain easy-to-extract secrets and vulnerabilities that can let attackers steal consumer data and finances, according to Approov. The Approov Mobile Threat Lab downloaded, decoded and ...

OneTrust Certification Automation helps businesses transcend traditional compliance barriers

OneTrust introduces OneTrust Certification Automation to the OneTrust ecosystem to help organizations navigate the complex and evolving regulatory landscape. OneTrust Certification Automation brings together automation, pre-built policies, and ...

Key Security Wins 2022: Securing the Future

Security is becoming more and more important and this is reflected in measures and initiatives many governments and companies are taking. Although there's still a lot to improve and unfortunately the threats and hack cases keep growing, these ...

Personal data [G Temp]

The post Personal data [G Temp] appeared first on Click Armor. The post Personal data [G Temp] appeared first on Security Boulevard.