Application Security News and Articles
About 10 years ago, security was relatively simple because everything occurred on premises. Change releases were tightly controlled by a change ticket and review process. In contrast, current networks consist of auto-scaling containers that run ...
If a sophisticated hacker targeted your organization tomorrow, how prepared are you to prevent, detect, or recover from that breach?
Without a solid understanding of your current cybersecurity systems, weaknesses, and maturity level, you will ...

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: CISA’s newest office is ...
Google has released the first Android 14 developer preview and has announced some of the security improvements the platform update will include.
The post Google Describes Privacy, Security Improvements in Android 14 appeared first on SecurityWeek.
DataDome's new real-time threat dashboard displays global attacks on your endpoints as they're happening, helping you understand how bad bot traffic affects your business.
The post Introducing the DataDome Real-Time Threat Dashboard appeared ...
Gamification is a powerful thing. Applying elements of gaming—like rules, score-keeping and friendly competition—to other activities is a solid strategy for boosting engagement and motivation. Take Pokemon Go, for example, which inadvertently ...
Multiple XSS vulnerabilities in popular document management system (DMS) products could allow attackers to access sensitive documents.
The post Vulnerabilities in Popular DMS Products Can Expose Sensitive Documents appeared first on SecurityWeek.
The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.
The post Android’s February 2023 Updates Patch 40 Vulnerabilities appeared first on SecurityWeek.
The Avast Threat Labs Q4 2022 Threat Report observed a rise in social engineering attacks during the final quarter of 2022, including invoice and refund fraud, tech support scams, and others aimed at stealing money. Cybercriminals continued to ...
Russia-linked, financially motivated threat actor TA866 is targeting companies with custom malware, including a screenlogger, a bot, and an information stealer.
The post Cybercrime Gang Uses Screenlogger to Identify High-Value Targets in US, Germany ...
The Super Bowl–where football legends rise, and brands test their grit. A showcase of the fiercest competition and advertising muscle. We tune in for the NFL’s top talent and brands’ blockbuster ads, but what goes on behind the scenes? ...
Last December, the team looked at various topics related to the field of cyber and information security. One thing is for certain: cybersecurity is not monolithic—there are so many facets of cybersecurity, each with its own challenges and ...
A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.
The post Vulnerability Allows Hackers to Remotely Tamper With Dahua Security Cameras appeared first on SecurityWeek.
ASCON is the name of the group of lightweight authenticated encryption and hashing algorithms that the U.S. National Institute of Standards and Technology (NIST) has chosen to secure the data generated by Internet of Things (IoT) devices: ...
Here are a few of the key benefits of ISO 27001 certification.
The post 5 Key Benefits of ISO 27001 Certification appeared first on Scytale.
There have been some new developments in the case of the ESXiArgs ransomware attacks, including ones related to the encryption method used by the malware, victims, and the vulnerability exploited by the hackers. After the US Cybersecurity and ...
The big question is why Enron, “the most innovative company in America”, ever got caught and held accountable for the thing Elon Musk does constantly: lie and defraud people. …Times story carried a quote from the closing arguments of the ...
As a new year commences, it’s not unusual for people to take the opportunity to adopt better practices and principles and embrace new ways of thinking in both their personal and professional lives. Software development teams always strive to ...
TikTok and Lensa AI have sparked worldwide conversations on the future of social media and consumer data privacy. In this Help Net Security video, Rick McElroy, Principal Security Strategist at VMware, offers a perspective on these trends, ...
Are you leaving your APIs vulnerable to attacks? OWASP revealed that Broken Object Level Authorization is among the top 10 most critical API security risks.
The post OWASP API1: 2019 – Broken Object Level Authorization appeared first on ...