Application Security News and Articles


Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)

Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows them to run exploit code remotely, without prior authentication. Patches ...

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and everything, everywhere and anytime.

Cyber Insights 2023 | The Coming of Web3

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more. The post Cyber Insights 2023 | The Coming of Web3 appeared first on SecurityWeek.

What Cybersecurity Metrics Should I Report to My Board?

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post What Cybersecurity Metrics Should I Report to My Board? appeared first on Security Boulevard.

European Police Arrest 42 After Cracking Covert App

European police arrested 42 suspects and seized guns, drugs and millions in cash, after cracking another encrypted online messaging service used by criminals.

Florida Hospital Cancels Procedures, Diverts Patients Following Cyberattack

Tallahassee Memorial HealthCare was forced to cancel procedures and divert patients after taking systems offline following a Thursday night cyberattack.

Fortra zero day, Tallahassee hospital cyberattack, sneaky fraudulent apps

Hackers exploit zero-day in Fortra's MFT, cyberattack hits Tallahassee hospital, CryptoRom apps slip through Apple, Google Store

VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

SaaS in the Real World: Who's Responsible to Secure this Data?

Learn about the risks of SaaS data security and how to protect it with expert advice and tips.

Yet More ImageMagick Vulnerabilities

ImageMagick is a popular open-source image manipulation library used by many websites and software applications to process and display images. A couple of vulnerabilities have recently been discovered in ImageMagick by MetabaseQ. Two ...

Union Budget 2023: How simplified KYC helps with Digital Customer Onboarding

How did Union Budget 2023 address Financial Services in India? Finance Minister Nirmala Sitharaman advocated for the simplification of Know Your Customer (KYC) processes for financial services in a Budget speech that placed a broad emphasis on ...

What does PCI DSS 4.0 mean for API

Professional Security magazine online - an essential read for everyone in the security industry.

Why is Aadhaar Masking important?

The masked Aadhaar is a variant form of Aadhaar that the Unique Identification Authority of India (UIDAI) developed after taking into account the issue of data privacy for individuals. Read through to know more about what it is. What is a Masked ...

While governments pass privacy laws, companies struggle to change

Government agencies keep making new privacy rules while end users fall victim to malpractice and scams. Bill Tolson, VP of Compliance and eDiscovery at Archive360, has spent many years consulting with regulators and advising businesses on ...

Trends that impact on organizations’ 2023 security priorities

Although ransomware campaigns declined quarter over quarter in 2022, primarily due to the collapse of more experienced cybercriminal groups, IT leaders still consider them to be the most worrying cyber threats. “Aside from ransomware and the ...

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors. Not only that, a ...

What a perfect day in data privacy looks like

Everyone wants extraordinary online experiences without sacrificing the security of their personal information. Yet according to Ping Identity’s 2022 Consumer Survey, 77% of people feel they will never be in full control of their privacy online ...

Nevada Ransomware has released upgraded locker

Resecurity has identified a new version of Nevada Ransomware which recently emerged on the Dark Web right before the start of 2023. The actors behind this new project have an affiliate platform first introduced on the RAMP underground community, ...

Splashtop Antivirus powered by Bitdefender helps businesses protect their endpoints

Splashtop launched Splashtop Antivirus powered by Bitdefender, enabling MSPs and IT teams to protect their endpoints against threats with the benefit of a centralized management experience. The latest offering elevates Splashtop’s ...

Let’s Talk About the Upside of Quantum Computing

The promise of quantum computing is tantalizing. Once quantum machines become sufficiently powerful, tasks that would have taken hundreds or thousands of years using traditional binary computers might instead be completed in days or even ...