Application Security News and Articles


Germany Appoints Central Bank IT Chief to Head Cybersecurity

Germany appointed Claudia Plattner to lead its cybersecurity agency, months after her predecessor was removed following reports of possible problematic ties to Russia.

A Primer on Firewall Policy Management

Managing your firewall policy remains a critical cybersecurity task, but the challenges are more complex than ever. With users accessing a slew of cloud-hosted SaaS apps and other cloud services, facilitating user productivity while managing ...

Insider Risk – Where do Enterprises Stand and Where are They Going?

“Identity is about establishing trust, while insider risk is what happens when the trust chain is broken. That trust chain might be someone to whom you have willingly given credentials or a trusted employee who has shared credentials or, worse, ...

USENIX Security ’22 – Savino Dambra, Iskander Sanchez-Rola, Leyla Bilge, Davide Balzarotti – ‘When Sally Met Trackers: Web Tracking From the Users’ Perspective’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.

Splunk: Cybercriminals Use These Types of TTPs

A report published by Splunk that analyzed three years of data showed a marked increase in the number of cyberattacks that employ four specific types of techniques. Based on analysis of data collected from 2020 to 2022, the report found a steady ...

SafeBreach Helps Tidal Cyber Users Implement Threat-Informed Defense

Learn how the Tidal Product Registry™ maps SafeBreach’s breach and attack simulation platform coverage to the MITRE ATT&CK knowledge base.

C-SCRM: We’re from the government — and we’re here to help with software supply chain security

The post C-SCRM: We’re from the government — and we’re here to help with software supply chain security appeared first on Security Boulevard.

The Importance of Reverse Engineering in Network Analysis

Comprehensive research is required to create the best detection rule for a new vulnerability or threat. But what does ‘best’ mean? Well, the interpretation of ‘best’ depends on what we know about the vulnerability, but sometimes key ...

OpenSSL Ships Patch for High-Severity Flaws

The most serious of the vulnerabilities may allow an attacker to read memory contents or launch denial-of-service exploits. The post OpenSSL Ships Patch for High-Severity Flaws appeared first on SecurityWeek.

Netography Detection Model Release – February 7, 2023

The Netography Threat Research Team has released its latest detections. Netography Detection Models (NDMs) detect botnets, malware, P2P, data exfiltration, ransomware, phishing, SPAM, DDoS activity, and more.

Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 418’

via the respected security expertise of Robert M. Lee and the superlative illustration talents of Jeff Haas at Little Bobby Comic.

How to start a career in cyber security (or anything else)

I was asked again today by someone just starting out, how to start a career in cyber security. What did I do, and should they do the same? The answer: Don’t follow my path. My path has so far taken me ...

How information technology modernization can ‘future proof’ NATO

Baking security into applications undergirding the infrastructure of NATO’s IT will help ensure superior logistics, communications and force projection.

Beating the Demon of Self-doubt: Embracing Imposter Syndrome as a Hacker

Learn how as a hacker to beat down the demon of self-doubt and embrace imposter syndrome as a healthy signal for motivation and drive. The post Beating the Demon of Self-doubt: Embracing Imposter Syndrome as a Hacker appeared first on Dana Epp's ...

Want a True Assessment Of Your Software Risk? Start With Our Guide

As valuable as software is for business, it’s also a source of continuous risk for organizations. A software risk assessment is essential to address these issues, which can leave an organization vulnerable to cybersecurity attacks, license ...

USENIX Security ’22 – Andrew Chu, Arjun Arunasalam, Muslum Ozgur Ozmen, Z. Berkay Celik – ‘Behind The Tube: Exploitative Monetization Of Content On YouTube’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.

Attackers are searching for online store backups in public folders. Can they find yours?

Too many online store administrators are storing private backups in public folders and exposing database passwords, secret API keys, administrator URLs and customer data to attackers who know where to look. “Exposed secrets have been used ...

Compliance with CCOP Identity Protection Requirements Made Easy with Silverfort

The Cybersecurity Code of Practice for Critical Information Infrastructure 2.0 is an enhancement of the first version that was released in 2018. This Code is intended to specify the minimum cybersecurity requirements that organizations that ...

The Rise of Script Kiddies: Where Inexperience Meets Opportunity

For the generation of children growing up today, advanced technology has been integrated into their lives since they were born. With 2020 YouGov statistics showing that 85% of six-year-olds have access to a tablet at home and, by age 17, only 4% ...

5 Places Ransomware and Malware Can Hide That You May Never Check

While many cybercriminals execute data breaches and attacks in a matter of hours or less, others prefer a long-haul approach to harvesting sensitive and protected information over time. The recent surge in social engineering and advanced ...