Application Security News and Articles


Who’s Behind the Botnet-Based Service BHProxies?

A security firm has discovered that a five-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through ...

Twitter Much Slower After Elon Musk Predicted It Would “Feel Faster”

Recently I wrote about Tesla being in potential hot soup with regulators because of the CEO making false statements that seem to violate SOX. Well, take a look at Twitter, which looks more and more like the Tesla dumpster fire every day. Musk ...

What We Know About the New Oracle WebLogic Vulnerabilities

We are currently seeing an Oracle WebLogic vulnerability getting some attention as exploit code was published by multiple sources. Oracle provided patches on January 17, 2023 with the latest Critical Patch Update, so with exploit code publicly ...

Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnarav – ‘#230 – Quality Accountability’

via the respected Software Engineering expertise of Mikkel Noe-Nygaard as well as the lauded Software Engineering and Enterprise Agile Coaching talent of Luxshan Ratnarav at Comic Agilé!

Financial Services Firm Reduces Threat Protection Response Time From 3 Hours to 30 seconds

A large global investment firm operates with over $7 trillion in assets. It offers a wide variety of financial products to over 30 million retail investors that rely on this firm to manage their investment and retirement ...

‘See No Evil’ — Mozilla SLAMS Google’s App Privacy Labels

Google doesn’t want you to know what your Android apps do with your data. That seems to be the conclusion from a Mozilla study into the Play Store.

Automated severity scoring comes to the GitGuardian secrets detection platform!

This new feature automates assigning severity levels to each incident, allowing security teams to quickly identify the most critical ones and prioritize their response accordingly.

USENIX Security ’22 – Sheng Yu, Yu Qu, Xunchao Hu, Heng Yin – ‘DeepDi: Learning A Relational Graph Convolutional Network Model On Instructions For Fast And Accurate Disassembly’

Our thanks to USENIX for publishing their presenters’ outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.

Innovation at the Expense of Cybersecurity? No More!

Earlier this month, Jen Easterly and Eric Goldstein of the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security signaled a major shift in the federal government’s approach to cybersecurity risk and ...

Code42 Instructor™ Leverages Teams to Send Micro-Trainings

Employees put files at risk every day – whether intentionally or unintentionally. While some of this risky activity is accidental, some is deliberate. Many employees ignore their company’s security protocols out of convenience. Others think ...

Oncore and Radware Partnership: Revolutionizing the Digital Transformation Landscape

The new partnership with industry leaders Oncore and Radware will help businesses achieve their digital transformation goals.

A Year of Conflict: Cybersecurity Industry Assesses Impact of Russia-Ukraine War

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Debunking Three Common Threat Modeling Myths

The benefits of threat modeling are significant. Not only does it provide a systematic process for evaluating potential threats to an organization’s system, but it also creates a framework for informed decision-making, ensuring the best use of ...

The Core Principles of the Zero-Trust Protection Model

The rapid pace of technological innovation has led to the development of numerous new and emerging technologies that have the potential to transform the way we live and work. These technologies, however, present new and significant challenges for ...

Okta Report Surfaces Progress on Shift to Zero-Trust

A report published this week by Okta suggested that organizations have significantly shifted allocation of budgets to ensure higher levels of security. Based on an anonymized analysis of how Okta customers allocated their cybersecurity budgets, ...

How to Prevent SQL Injection Attacks?

SQL injection has been troubling websites for over 17 years. It’s about time that you find out what it’s all about and how you can prevent SQL injection.

Microsoft announces automatic BEC, ransomware attack disruption capabilities

Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite. On Wednesday, it announced that these capabilities will now help organizations disrupt two common attack scenarios: ...

How an Automated Onboarding API Can Streamline Your Business Processes

What does Automated Onboarding exactly mean? Definition: Automated onboarding is a process designed and scripted before user onboarding. It is an entire user or customer onboarding process that doesn’t require real-time human interaction and is ...

Threat Researchers Newsletter #7

Welcome to the latest edition of our monthly Threat Researchers newsletter! It's been a short month, but there have been no shortages from the threat landscape. In this edition, we'll cover the latest trends again, highlight recent high-profile ...

Tile Trackers Accountability Mode

One of the problems with tracking devices is that they can be used for good or for evil. When used for good, they can help you locate a stolen purse, a stolen car or bicycle, or even help you figure out where you misplaced your wallet. When used ...