Application Security News and Articles
China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers.
The post Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines appeared first on ...
NioCorp Developments has informed the SEC that it lost $0.5 million after its systems were compromised.
The post Mining Company NioCorp Loses $500,000 in BEC Hack appeared first on SecurityWeek.
Compliance & Privacy Specialist, McKesson | Remote. As a Compliance & Privacy Specialist, you will identify potential gaps, establish and maintain policies and procedures to guide the business in complying ...
Authors/Presenters: Mark Foudy
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...
Runa launched Runa Assure, a security suite specifically built to fortify payout processes against threats of fraud, cyberattacks, and compliance risks. Runa Assure was purpose-built for instant payout methods, including gift cards, prepaid, and ...
Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for ...
During red team operations, stealth is a critical component. We spend a great deal of time ensuring our payloads will evade any endpoint detection and response (EDR) solution, our traffic is obfuscated and hard to trace, and our commands will ...
Cyber insurance used to be an optional safety net. Now? It’s a must-have. With ransomware, data breaches, and cyberattacks on the rise, companies need protection against financial losses. But here’s...
The post How CTEM Impacts Cyber Security ...
AI systems can sometimes struggle with complex or nuanced situations, so human intervention can help identify and address potential issues that algorithms might not.
The post AI Can Supercharge Productivity, But we Still Need a Human-in-the-Loop ...
Cybersecurity professionals continue to command high salaries, but there are rising concerns over career growth, workplace flexibility and retention in the industry, according to a report from IANS Research and Artico Search.
CrowdStrike launched Charlotte AI Detection Triage, a platform based on agentic AI, which automates detection triage — the aim is to reduce workloads for security operations centers (SOCs).
The post CrowdStrike Charlotte AI Detection Triage ...
Atlassian has released patches for 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira.
The post Atlassian Patches Critical Vulnerabilities in Confluence, Crowd appeared first on SecurityWeek.
CISA and the FBI warn organizations of attacks employing the Ghost (Cring) ransomware, operated by Chinese hackers.
The post CISA, FBI Warn of China-Linked Ghost Ransomware Attacks appeared first on SecurityWeek.
Dilemma of Traditional Automated Penetration Testing: Penetration testing has always been the core means of offensive and defensive confrontation for cybersecurity. However, traditional automatic penetration tools face three major bottlenecks: ...
Versa Networks today announced the general availability of Versa Sovereign SASE (secure access service edge) deployment model.
The post Versa Networks’ Sovereign SASE Targets Nation-State Threats With On-Prem Architecture appeared first on ...
Scytale earns its spot on G2's Best GRC Software Products 2025 list, solidifying our position as a top compliance and security leader.
The post Scytale Named a 2025 G2 Best GRC Software Winner appeared first on Scytale.
Proof-of-concept (PoC) code and technical details on four critical-severity Ivanti EPM vulnerabilities are now available.
The post PoC Exploit Published for Critical Ivanti EPM Vulnerabilities appeared first on SecurityWeek.
A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider ...
US military health benefits program administrator HNFS to pay $11 million in settlement over its false claims of cybersecurity compliance.
The post US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures appeared ...
The team at CyberSaint is thrilled to announce the latest additions and updates to the CyberStrong solution. To start, we’re expanding Phase 1 of Asset Management with custom types and attributes. Additionally, we’ve added status updates, ...