Application Security News and Articles


USENIX Security ’22 – Ning Luo, Samuel Judson, Timos Antonopoulos, Ruzica Piskac, Yale University; Xiao Wang – ‘ppSAT: Towards Two-Party Private SAT Solving’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Ning Luo, Samuel Judson, Timos ...

New National Cybersecurity Strategy: What Do You Need to Know?

The White House released a new national cybersecurity strategy this past week with five pillars. What’s in the plan, and how will this impact public- and private-sector organizations? The post New National Cybersecurity Strategy: What Do You ...

Autonomous Vehicles Need No Drugs Or Drink To Be Bad Drivers

Humans often get cited for being influenced by drugs or alcohol when they make terrible decisions. Autonomous vehicles (AV), on the other hand, need no drugs or alcohol to make such bad decisions. This often gets reported as an AV isn’t at risk ...

Week in review: LastPass breach, GCP data exfiltration, UEFI bootkit

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google Cloud Platform allows data exfiltration without a (forensic) trace Attackers can exfiltrate company data stored in Google Cloud Platform ...

Snowflake and AWS expand partnership to drive customer-focused innovation

Snowflake and Amazon Web Services (AWS) have unveiled a multi-year expansion of their partnership, with Snowflake growing its AWS spend and both companies jointly contributing millions of dollars to support go-to-market efforts. The expansion of ...

Akamai acquires Ondat to strengthen its cloud computing offerings

Akamai Technologies reached a definitive agreement to acquire Ondat, a cloud-based storage technology provider with a Kubernetes-native platform for running stateful applications anywhere at scale. Ondat’s technology delivers persistent ...

USENIX Security ’22 – Jiaheng Zhang , Tiancheng Xie, Thang Hoang, Elaine Shi, Yupeng Zhang – ‘Polynomial Commitment with a One-to-Many Prover and Applications’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Jiaheng Zhang , Tiancheng Xie, Thang ...

Clustering Phishing Campaign’s Rogue and Fraudulent and Malicious Hosting Infrastructure Pointing to Massive IPFS Web 3.0 Hosting Infrastructure Abuse – An OSINT Analysis

Dear blog readers, I've recently stumbled upon a pretty interesting phishing campaign including the actual hosting infrastructure behind the campaign where I've decided to share my findings with everyone in particular the fact that the campaign ...

EPA Mandates States Report on Cyber Threats to Water Systems

The Biden administration said it would require states to report on cybersecurity threats in their audits of public water systems, a day after it released a broader plan to protect critical infrastructure against cyberattacks. The post EPA ...

Viasat strengthens network security posture for enterprises with Trusted Cybersecurity Services

The Trusted Cybersecurity Services (TCS) solution, a hosted intrusion detection service that utilizes classified government threat intelligence to identify and address existing, potential, and emerging cyber threats on an organization’s ...

Fingerprint collaborates with Spec to help businesses combat fraud

Spec and Fingerprint joined forces to provide companies with an solution that tackles fraud while ensuring a seamless customer experience. By integrating Fingerprint’s device identification technology into its no-code Trust Cloud platform, ...

HPE acquires Axis Security to expand its edge-to-cloud security capabilities

Hewlett Packard Enterprise (HPE) revealed that it entered into a definitive agreement to acquire Axis Security, a cloud security provider. This acquisition will allow HPE to expand its edge-to-cloud security capabilities by offering a unified ...

SaaS Security under NYDFS with Grip SSCP

NYDFS regulations have significant implications for companies using SaaS solutions, Grip enables customers to secure SaaS and identities to comply with NYDFS The post SaaS Security under NYDFS with Grip SSCP appeared first on Security Boulevard.

USENIX Security ’22 – Yanxue Jia, Shi-Feng Sun, Hong-Sheng Zhou, Jiajun Du, Dawu Gu – ‘Shuffle-based Private Set Union: Faster and More Secure’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Yanxue Jia, Shi-Feng Sun, Hong-Sheng ...

SafeBreach Coverage for US-CERT Alert (AA23-061A) – Royal Ransomware

SafeBreach coverage for US-CERT Alert (AA22-335A) - Cuba Ransomware The post SafeBreach Coverage for US-CERT Alert (AA23-061A) – Royal Ransomware appeared first on SafeBreach. The post SafeBreach Coverage for US-CERT Alert (AA23-061A) – Royal ...

Digital Trust & Safety Roundup: Costly chargebacks, dynamically fighting ATO, and social media scam risks

Explore the cost of rising chargebacks, strategies for fighting ATO, and how new social media features may fuel scams. The post Digital Trust & Safety Roundup: Costly chargebacks, dynamically fighting ATO, and social media scam risks appeared ...

Defeating Malvertising-Based Phishing Attacks

Malvertising Enters a New Age While Google grapples with the potential threat that ChatGPT poses to its advertising business, cybercriminals are taking advantage of Google Ads to ramp up their phishing attacks on unsuspecting victims. To pull off ...

Cowbell Adds Free Cybersecurity Services for Insurance Policy Holders

Cowbell this week added a free 24/7 managed security service for organizations that take out a cyberinsurance policy to help reduce the cost of a cybersecurity breach. Manu Singh, vice president of risk engineering at Cowbell, said Cowbell 365 ...

Randall Munroe’s XKCD ‘Fanservice’

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! Permalink The post Randall Munroe’s XKCD ‘Fanservice’ appeared first on Security Boulevard.

Exposing the "PDF Botnet" – An OSINT Analysis

Dear blog readers, I've recently stumbled upon a pretty interesting and worth mentioning malicious software and botnet spam and malicious software serving campaign that can be best described as a "PDF botnet" where the ultimate idea for both ...