Application Security News and Articles
A vulnerability affecting IBM’s Aspera Faspex file transfer solution, tracked as CVE-2022-47986, has been exploited in attacks.
The post Recently Patched IBM Aspera Faspex Vulnerability Exploited in the Wild appeared first on SecurityWeek.
A recent survey released by Lynx Software Technologies reveals widespread adoption of DevSecOps practices across the mission-critical aerospace and avionics industries, particularly those related to government and defense. This high rate of ...
Articles related to cyber risk quantification, cyber risk management, and cyber resilience.
The post January Cyber Roundup appeared first on Security Boulevard.
Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.
The post ICS Patch Tuesday: 100 Vulnerabilities Addressed by Siemens, Schneider Electric ...
Many organizations still need to find the Log4j vulnerability in their environment and address the risk. The news about Log4Shell, the vulnerability impacting the Apache Log4j software library, first burst onto the scene and became a headache for ...
Israeli startup Oligo Security raises $28 million to build technology to detect and mitigate open source code vulnerabilities.
The post Oligo Security Exits Stealth with $28M for AppSec, Open Source Security appeared first on SecurityWeek.
The healthcare sector was ranked in the top 3 verticals targeted by cybercriminals last year. Why are healthcare organizations, big and small, such attractive targets for ransomware gangs?
The post Does Poor Cybersecurity Affect Healthcare? ...
Citrix released patches for multiple vulnerabilities in Virtual Apps and Desktops, and Workspace apps for Windows and Linux.
The post Citrix Patches High-Severity Vulnerabilities in Windows, Linux Apps appeared first on SecurityWeek.
SAP has released 21 notes on February 2023 Security Patch Day, including three notes addressing high-severity vulnerabilities in SAP Start Service and BusinessObjects.
The post SAP’s February 2023 Security Updates Patch High-Severity ...
I’m so excited to share that I have joined Salt Security to head up the amazing engineering team here.
Over the years, I’ve had the fun of doing lots of different things – creating software and managing people in many industries and ...
Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.
The post ICS Vulnerabilities Chained for Deep Lateral Movement and Physical Damage appeared first ...
Introducing the Driving License Verification API It is common in India to ask for a driving licence for proof of identification be it for renting a house or giving away a bride, it is the longest-standing ID for Indians after Voter’s ID. By ...
As the head of IT, your job to keep your organization’s networks up and running and secure is a challenge in any environment—and even more so when you’re doing work for the Department of Defense (DoD). The aim of this blog is to help guide ...
The United States will soon get some long-awaited cybersecurity updates.
Related: Spies use Tik Tok, balloons
That’s because the Biden administration will issue the National Cyber Strategy within days. Despite lacking an official published ...
Have you ever gotten a call from the IRS? If you have, then you might be one of the thousands of people losing millions of dollars every year to IRS scam calls. These fraudulent calls, which claim to be from the Internal Revenue Service (IRS), ...
Vladislav Klyushin was found guilty on all charges against him, including wire fraud and securities fraud, after a two-week trial in federal court in Boston.
The post Russian Businessman Guilty in Hacking, Insider Trade Scheme appeared first on ...
Another year of high-profile cyberattacks, another year of beating the cybersecurity drums. Clearly, we’re missing a few notes. Attack surface management (ASM) is a make or break for organizations, but before we get to the usual list of best ...
Adam Shostack, the author of “Threat Modeling: Designing for Security”, and the co-author of “The New School of Information Security”, recently launched his new book – “Threats: What Every Engineer Should Learn From Star Wars”. ...
Last week, the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral resources to help organizations reduce the risk of a breach by combining identity and security strategies, announced Jeff Reich as the ...
There is a definite trend of MSPs shifting into security. There are a number of very good reasons for this, including the fact that other services traditionally offered are becoming commoditized, as well as the increasing threat that SMEs and ...