Application Security News and Articles


The Internet’s Future at Stake (Really!) as Supreme Court Takes Up Provider Immunity

“No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” Those 26 words helped create the modern internet, for better or worse. ...

TruthFinder, Instant Checkmate user data leaked online; Sensitive information stolen in healthcare data breach

When personal information is stolen in a data breach, each compromised data point poses a different risk to the victim. Stolen email addresses and phone numbers can lead to an increase in phishing attempts, while Social Security numbers could be ...

How SSL Monitoring Can Help Safeguard Your Brand’s Identity

SSL certificate monitoring can help detect phishing attacks targeting brands in early stages and help safeguard brand identity and protect users. The post How SSL Monitoring Can Help Safeguard Your Brand’s Identity appeared first on ...

US government puts cybersecurity at forefront with newly announced National Strategy

The National Cybersecurity Strategy was unveiled today by the Biden-Harris Administration. The Strategy recognizes that government must use all tools of national power in a coordinated manner to protect national security, public safety, and ...

MFA and Administrative Access Protection Are the Means. But to What End?

Every so often in cybersecurity it’s useful to reflect on things taken for granted and choices made — specifically why they were made and whether these things achieved their purpose. For example, let’s examine the use of MFA and the ...

New CISA Tool ‘Decider’ Maps Attacker Behavior to ATT&CK Framework

CISA has released a free and open source tool that makes it easier to map an attacker’s TTPs to the Mitre ATT&CK framework. The post New CISA Tool ‘Decider’ Maps Attacker Behavior to ATT&CK Framework appeared first on ...

February Cyber Roundup

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post February Cyber Roundup appeared first on Security Boulevard.

Stop Leakage with Advanced Transaction Analytics

We live in a digital universe where an increasing number of businesses are adopting enterprise cloud applications unleashing new waves of opportunity. However, the cloud also presents the biggest business threats challenging ...

GitHub Secret Scanning Now Generally Available

GitHub this week made secret scanning generally available and free for all public repositories. The post GitHub Secret Scanning Now Generally Available appeared first on SecurityWeek.

BlackLotus UEFI bootkit disables Windows security mechanisms

ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the bootkit and its features make researchers believe that it is a threat ...

Top 3 Security Incidents in Education Institutions and How To Prevent Them

Educational institutions are attractive to malicious actors for ... The post Top 3 Security Incidents in Education Institutions and How To Prevent Them appeared first on EasyDMARC.

8 of the Biggest Ransomware Attacks in Recent History: A Look Back

Ransomware incidents have increased in frequency over the past several years, to the point where this method has become the weapon of choice for many bad actors, who can now launch attacks through ransomware service providers that resemble ...

Hacker’s Playbook Threat Coverage Roundup: Mar. 02, 2023

Check out our latest roundup highlighting newly added and updated coverage for several ransomware and malware variants, including ESXiArgs ransomware. The post Hacker’s Playbook Threat Coverage Roundup: Mar. 02, 2023 appeared first on ...

Uncovering the most pressing cybersecurity concerns for SMBs

In this Help Net Security video interview, James Edgar, CISO at Fleetcor, discusses what consequences SMBs are most concerned about when it comes to cyberattacks, what technology SMBs are most interested in, and much more. The post Uncovering the ...

7 Key Considerations When Implementing DevSecOps in Your Organization

Application Security has never been more important. If your organization is looking to improve security, then implementing DevSecOps in your organization should be a priority. The post 7 Key Considerations When Implementing DevSecOps in Your ...

Moving target defense must keep cyber attackers guessing

A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military jet, commercial airliner, or spacecraft, according to Sandia National ...

Don’t be fooled by a pretty icon, malicious apps hide in plain sight

Apps, whether for communication, productivity or gaming, are one of the biggest threats to mobile security, according to McAfee. The end of 2022 saw the release of some game-changing applications such as OpenAI’s ChatGPT chatbot and DALL-E 2 ...

Cyber resilience in focus: EU act to set strict standards

With the EU Cyber Resilience Act (CRA), the industry is dealing with one of the strictest regulatory requirements. Manufacturers, importers and even distributors of products with digital elements – in other words, anything with a microchip – ...

Internet Access, Privacy ‘Essential for Freedom’: Proton Chief

Proton, perhaps best known for its encrypted email service, sees its mission of ensuring privacy and online access as a vital tool in shoring up democracy in the digital age. The post Internet Access, Privacy ‘Essential for Freedom’: ...

Appdome ThreatScope Mobile XDR tracks Android and iOS attacks in real time

Appdome has released its next generation ThreatScope product, delivering Extended Detection and Response (XDR) for consumer mobile apps and brands globally. Mobile brands gain the power and agility of XDR to address any cyber, fraud and other ...