Application Security News and Articles
Security researchers and Nuspire’s Threat Intelligence Team have recently identified an increase in threat actors’ use of Microsoft OneNote to deliver info-stealing remote access trojans (RATs). Here’s what you need to know. What’s going ...
When we hear about bad actors on a compromised system for 200+ days, we wonder how they survived for so long. Often they hide in common misconfigurations. Paula Januszkiewicz, CEO of Cqure returns to The Hacker Mind to explain.
The post The ...
Blog post originally posted on MSSP Alert
Traditionally, compliance and security teams have worked independently, often in silos with separate budgets and disparate data and tools, making collaboration and effective decision-making difficult, ...
Credential theft is when hackers use the logins and passwords of active users to gain access to sensitive & private data. Learn about credential theft with Grip
The post Credential Theft: Protecting the SaaS Service Layer appeared first on ...
Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel.
Permalink
The post USENIX Security ’22 – Yi He, Zhenhua Zou, Kun Sun, Zhuotao ...
| Eureka Security
The post Google Fi Data Breach: A Lesson in Cloud Visibility | Eureka Security appeared first on Security Boulevard.
via the comic artistry and dry wit of Randall Munroe, resident at XKCD!
Permalink
The post Randall Munroe’s XKCD ‘Electron Color’ appeared first on Security Boulevard.
SpecterOps has released Ghostwriter v3.2 with some significant enhancements we think you’ll like. We overhauled how you interact with operation logs and added support for tagging clients, projects, reports, findings, evidence files, domains, ...

Confused about exactly what “automation” means in the world of application scanning tools? You’re not alone. From executing automatic security checks to scheduling when scans are launched, here’s a breakdown of the many ways automation ...
Late-stage California startup Skybox Security turns the reins over to former Digital Guardian chief executive Mordecai Rosen.
The post Skybox Security Raises $50M, Hires New CEO appeared first on SecurityWeek.
Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel.
Permalink
The post USENIX Security ’22 – George Kappos, Haaroon Yousaf, Rainer ...
An alleged Chinese surveillance balloon over the United States last week sparked a diplomatic furore and renewed fears over how Beijing gathers intelligence on its largest strategic rival.
The post Spies, Hackers, Informants: How China Snoops on ...

Ron Vider shares Oxeye Security's AppSec 2023 predictions, including the convergence of AppSec and CloudSec, a greater C-Suite demand for visibility into risk contributions of apps and the teams that build them, a demand for clearer ...
What differentiates a CIEM solution from other cloud security platforms, and how should a CIEM be used in an organization? Read on to find out.
The post How to Implement CIEM – A Checklist appeared first on Ermetic.
The post How to Implement ...
Australian authorities sentence Sydney man for using leaked data stolen from wireless carrier Optus to conduct SMS scams.
The post Australian Man Sentenced for Scam Related to Optus Hack appeared first on SecurityWeek.
The first stable release of Chrome 110 brings 15 security fixes, including 10 for externally reported vulnerabilities.
The post Chrome 110 Patches 15 Vulnerabilities appeared first on SecurityWeek.
While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in a self-service manner are becoming increasingly popular.
The post Application ...
Using 2FA to secure your WordPress website is by far one of the best security measures you can take. It adds an additional layer of security while being very easy to set up. Furthermore, it has a proven track record of stopping the vast majority ...
The average attack surface is growing rapidly, putting businesses at risk. Here are a few attack surface management tools to mitigate risk in 2023.
The post The Top 3 Attack Surface Management Tools for 2023 appeared first on Security Boulevard.
APOLLO Insurance, Canada's leading online insurance company for small businesses and individuals, trusts DataDome to stop bots from price scraping and filling out forms.
The post APOLLO Insurance Ends Competitive Price Scraping With DataDome ...