Application Security News and Articles


The Lessons From Cyberwar, Cyber-in-War and Ukraine

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question the nature of modern warfare and the role of cyber in its operation. The post The Lessons From ...

5 Key Compliance Regulations Every Business Should Be Aware Of

Data privacy laws and compliance regulations are critical safeguards for protecting consumer and employee data from unnecessary exposure. By complying with these legal requirements, businesses can reduce the risk of legal action and financial ...

Shifting security left: Advice from Amazon Prime CISO Brian Lozada

It was wonderful getting the cloud security community together in New York City last Thursday. We were so thankful to have Brian Lozada, CISO Prime Video & Studios at Amazon, join us for a brief Q&A with Lightspin CEO and Cofounder, Vladi ...

Understanding PCI DSS Compliance

According to the PCI Security Standards Council Prioritized Approach document, the Prioritized Approach provides a roadmap of compliance activities based on the risk associated with storing, processing, and transmitting cardholder data. Approved ...

3.3 Million Impacted by Ransomware Attack at California Healthcare Provider

The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group. The post 3.3 Million Impacted by Ransomware Attack at California Healthcare Provider appeared first on SecurityWeek.

Vulnerabilities open Korenix JetWave industrial networking devices to attack

Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use them as a foothold for further attacks, CyberDanube researchers have ...

City of Oakland Hit by Ransomware Attack

The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems. The post City of Oakland Hit by Ransomware Attack appeared first on SecurityWeek.

The State of Threat Detection and Response

Security teams shoulder the enormous responsibility of protecting their organization from attacks that could compromise data, ruin brand trust and result in costly damages. In my more than ten years as a security analyst, engineer and now founder ...

SynSaber Report Brings More Context to ICS Security

An analysis of three years of vulnerabilities found in industrial control systems (ICS) published by SynSaber, a provider of an ICS monitoring platform, found that while there may be no patches available, many affected systems are no longer being ...

When Will the First ChatGPT-Based Cyberattacks Launch?

It’s evident that many cybersecurity and IT professionals have mixed feelings about AI in general and ChatGPT in particular. According to a recent study from BlackBerry, while eight in ten decision makers said they plan to invest in AI-driven ...

How To Demonstrate Backup Compliance. A Practical Guide

Compliance with industry standards and regulatory mandates can absorb a huge amount of time. Organizations need to verify they comply with the different requirements of security frameworks and regulations such as CIS, NIST, PCI DSS, ISO, and ...

Cybersecurity Firm Group-IB Repeatedly Targeted by Chinese APT

Cybersecurity company Group-IB claims it was repeatedly targeted by a Chinese APT called Tonto Team, CactusPete, and Karma Panda. The post Cybersecurity Firm Group-IB Repeatedly Targeted by Chinese APT appeared first on SecurityWeek.

OWASP Top 10: Cryptographic failures

Listed as #2 on the OWASP Top 10 list, cryptographic failures expose sensitive data due to a lack of or weak encryption. The post OWASP Top 10: Cryptographic failures appeared first on Security Boulevard.

Play Ransomware Group Claims Attack on A10 Networks

The Play ransomware group has claimed responsibility for a cyberattack on application delivery controller maker A10 Networks. The post Play Ransomware Group Claims Attack on A10 Networks appeared first on SecurityWeek.

Cybersecurity M&A Roundup: 40 Deals Announced in January 2023

Forty cybersecurity-related M&A deals were announced in January 2023. The post Cybersecurity M&A Roundup: 40 Deals Announced in January 2023 appeared first on SecurityWeek.

DHL, MetaMask phishing emails target Namecheap customers

A surge of phishing emails impersonating DHL and MetaMask started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal information or sharing their crypto wallet’s secret recovery ...

SecurityWeek Cyber Insights 2023 Series

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present new and expanded risk for cybersecurity teams in 2023 and beyond. The post SecurityWeek ...

GUEST ESSAY: Wise precautions companies can take to prevent data loss in the wake of layoffs

When a company announces layoffs, one of the last things most employees or even company owners worry about is data loss. Valuable or sensitive information on a computer is exposed to theft … ...

What is MDR? A Guide to Managed Detection and Response Services

What is MDR and are these solutions the right answer for your cyber security needs? Find out what they involve and how they work. The post What is MDR? A Guide to Managed Detection and Response Services appeared first on Security Boulevard.

Cloud vs. DevOps Engineer: How They Affect Your Business’s Growth

Quick Summary: As you venture deeper into the tech industry, the job titles get more cryptic. In addition, different organizations have very different functions that are linked with the same title. You would get twenty different responses if you ...