Application Security News and Articles


GUEST ESSAY: Too many SMBs continue to pay ransomware crooks — exacerbating the problem

Well-placed malware can cause crippling losses – especially for small and mid-sized businesses. Not only do cyberattacks cost SMBs money, but the damage to a brand’s reputation can also hurt growth ...

ChatGPT Vulnerability Scanner Is Pretty Good

Chris Koch demonstrated that ChatGPT found more vulnerabilities than Snyk.

Google Protected Computing: Ensuring privacy and safety of data regardless of location

In this Help Net Security interview, Royal Hansen, VP of Engineering for Privacy, Safety, and Security at Google, talks about Protected Computing, the impact of data protection regulations, and privacy in general. Data protection regulations are ...

ChatGPT is bringing advancements and challenges for cybersecurity

Understanding why ChatGPT is garnering so much attention takes a bit of background. Up until recently, AI models have been quite “dumb”: they could only respond to specific tasks when trained on a large dataset providing context on what to ...

How advancing cyber education can help fill workforce gaps

The ongoing cybersecurity skills shortage is a critical issue plaguing organizations and causing serious problems. The lack of trained and qualified professionals in the field has resulted in numerous security breaches, leading to the loss of ...

When it comes to insider risk, the difference is human

We have a saying here at DTEX: the difference is human. We know that enterprise security is only achievable when the cyber strategy is underpinned by the human element – the only true perimeter of all. Our customers will attest to this, too. ...

Complexity, volume of cyber attacks lead to burnout in security teams

The rapid evolution of cybercrime is weighing on security teams substantially more than it did last year, leading to widespread burnout and potential regulatory risk, according to Magnet Forensics. “Digital forensics and incident response teams ...

ChatGPT for Offensive Security: Five Attacks

ChatGPT is an AI chatbot that uses Natural Language Processing (NLP) combined with the GPT-3 framework to provide human-like responses. NLP allows the model to… The post ChatGPT for Offensive Security: Five Attacks appeared first on Security ...

Understanding Software Bill of Materials (SBOM) and Its Role in Software Supply Chain

In May 2021, the US government signed an Executive Order mandating that software suppliers selling to the government must include a Software Bill of Material…

Cybersecurity Mesh Architecture checklist for CISOs

CSMA improves a company's security posture without adding specialized products that operate in silos. Unify your products so they work as a security ecosystem.

USENIX Security ’22 – Jiarong Xing, Kuo-Feng Hsu, Yiming Qiu, Ziyang Yang, Hongyi Liu, Ang Chen – ‘Bedrock: Programmable Network Support for Secure RDMA Systems’

Our thanks to USENIX for publishing their presenters’ outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware. The post GoDaddy Hosting Hacked — for FOURTH Time in 4 Years appeared first on Security Boulevard.

Kubernetes: The Cost of Doing It Wrong

I bike a lot. I bike long distances for exercise, I bike over mountains for meditative calm, I bike with friends to share an activity and a laugh (especially when that friend falls in an injury-free-and-hilarious way). I also bike to the store, ...

Randall Munroe’s XKCD ‘Data Quality’

via the comic artistry and dry wit of Randall Munroe, resident at XKCD!

Twitter Shuts Off Text-Based 2FA for Non-Subscribers

Twitter started a security ruckus over the weekend with the sudden decision to turn off the text message/SMS method of two-factor authentication (2FA) for non-subscribers.

How Business Intelligence Tools Can Help GRC Teams Reach Beyond Compliance

A data analyst and a GRC professional walk into a bar…. Sounds like the start of a good joke? It doesn’t have to be. Compliance leaders know that the secret sauce to Compliance is data. Lots of it. But more importantly, Compliance leaders ...

USENIX Security ’22 – ‘FlowMatrix: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation’

Complete Title: USENIX Security ’22 – Kaihang Ji, Jun Zeng, Yuancheng Jiang, Zhenkai Liang, Zheng Leong Chua, Prateek Saxena, Abhik Roychoudhury – ‘FlowMatrix: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation’ Our ...

New Feature: NIST CSF Mitigation Recommendations

Articles related to cyber risk quantification, cyber risk management, and cyber resilience.

Coinbase Attack Linked to Group Behind Last Year’s Twilio, Cloudflare Hacks

Coinbase was recently targeted in a sophisticated phishing attack and the cryptocurrency exchange linked the hack to the 0ktapus group.