Application Security News and Articles
Cybercriminals are delivering stealthy cryptojacking malware to Macs using pirated apps and they could use the same method for other malware.
The post Stealthy Mac Malware Delivered via Pirated Apps appeared first on SecurityWeek.
Over 1,000 cybersecurity funding announcements were made in 2022, and startups raised $79 billion across more than 4,200 deals since 2018.
The post Cybersecurity VC Funding Topped $18 Billion in 2022: Report appeared first on SecurityWeek.
The European Union’s executive branch has banned TikTok from phones used by employees as a cybersecurity measure, reflecting widening worries over the Chinese-owned video app.
The post TikTok Banned From EU Commission Phones Over Cybersecurity ...
Is there a better option than VPN? Virtual Private Networks (VPN) have been widely used as a solution for secure remote access for decades. However, as organizations have come to rely more fully on remote access as a strategic part of their ...
As cyberattacks rise, software organizations must proactively reduce vulnerabilities and ‘shift left’ to harden their entire software delivery life cycle (SDLC). However, most organizations cannot afford to have their security measures ...
Executive Summary: Menlo Labs has uncovered an unknown threat actor that’s leveraging an evasive threat campaign distributed via Discord that features the PureCrypter downloader and targets government entities. The PureCrypter campaign uses the ...
Does this sound familiar? You’ve gotten your Report on Compliance (RoC), but you’re dreading the next assessment because you know […]
The post Can’t Stay PCI Compliant? Consider a PCI Charter appeared first on Security Boulevard.
In this blog, we will discuss what GDPR compliance entails and provide tips on how to create an effective GDPR data protection policy.
The post How to Create a GDPR Data Protection Policy appeared first on Scytale.
Organizations often either have weak credential policies or don’t enforce them, making it easy for attackers to use legitimate credentials to log in—or live off the land—rather than using topflight tools to hack their way into systems. ...
By Vasco Franco. In part one of this two-part series, we escaped Webviews in real-world misconfigured VSCode extensions. But can we still escape extensions if they are well-configured? In this post, we’ll demonstrate how I bypassed a Webview’s ...
As cybersecurity continues to become a more significant focus for organizations, other C-suite leaders must get up to speed on cyber risks and their impact on the organization's success. Traditionally, the Chief Information Officer, or CIO, is ...
A Russian malware developer behind the NLBrute brute-forcing tool has been extradited to the United States from Georgia.
The post Russian Accused of Developing NLBrute Malware Extradited to US appeared first on SecurityWeek.
A new Acunetix Premium update has been released for Windows and Linux: 15.4. This Acunetix release improves the default roles. Acunetix offers role-based access control (RBAC) to efficiently manage user access. Thanks to RBAC, you can limit or ...
The Aspen Institute has published a good analysis of the successes, failures, and absences of cyberattacks as part of the current war in Ukraine: “The Cyber Defense Assistance Imperative Lessons from Ukraine.”
Its conclusion:
Cyber ...
The economic downturn predicted for 2023 will lead to layoffs but cybersecurity workers will be least affected, says the latest (ISC)² report. Also, as soon as things get better, they will likely be the first ones to get (re)hired. Execs have ...
Listen now (51 min) | Season Two, Episode Three: Approachable
The post Adopting Zero Trust with Author George Finney appeared first on Security Boulevard.
Join this webinar to gain clear advice on the people, process and technology considerations that must be made at every stage of an OT security program’s lifecycle.
The post Webinar Today: Building Sustainable OT Cybersecurity Programs appeared ...
As hard as it is to admit, cybercrime is a serious worldwide problem. In fact, the global volume of cyber attacks reached an all-time high in Q4 2022 with nearly 1,200 weekly attacks per organization. Overall, 2022 witnessed a 38% jump in cyber ...
Rezilion uncovered the presence of hundreds of Docker container images containing vulnerabilities that are not detected by most standard vulnerability scanners and SCA tools. The research revealed numerous high-severity/critical vulnerabilities ...
We’re excited to release an important piece of research today about dangerous vulnerabilities hiding in container images that are commonly used and found in organizations around the world. The report, titled “Hiding in Plain Sight: Hidden ...