Application Security News and Articles
Learn how to achieve compliance with PCI DSS 4.0 Requirements 6.4.3 and 11.6.1. Our comprehensive guide covers script management, change detection, and practical steps to meet the March 2025 deadline.
The post PCI DSS Requirements 6.4.3 and ...
SecurityWeek speaks with Kevin Winter, Global CISO at Deloitte, and Richard Marcus, CISO at AuditBoard.
The post CISO Conversations: Kevin Winter at Deloitte and Richard Marcus at AuditBoard appeared first on SecurityWeek.
With a global AI race underway, mobile app security is not optional - it’s a necessity. A recent security audit of the DeepSeek iOS application revealed significant vulnerabilities that put user data at risk. These weaknesses, including ...
Fortinet today expanded the scope of its platform for security operations center (SOC) teams to add generative artificial intelligence (GenAI) capabilities, along with additional integrations with third-party platforms and other Fortinet ...
Echoworx has unveiled its “Manage Your Own Keys” (MYOK) feature, powered by AWS Key Management Service (AWS KMS), an Amazon Web Services (AWS) service. This solution gives businesses greater control over sensitive data by allowing them to ...
Blockaid raises $50 million in Series B funding to scale operations to meet demand for its blockchain application security platform.
The post Blockaid Raises $50 Million to Secure Blockchain Applications appeared first on SecurityWeek.
The latest OpenSSH update patches two vulnerabilities, including one that enabled MitM attacks with no user interaction.
The post OpenSSH Patches Vulnerabilities Allowing MitM, DoS Attacks appeared first on SecurityWeek.
Venture capital firm Insight Partners has been targeted in a cyberattack that involved unauthorized access to its information systems.
The post VC Company Insight Partners Hacked appeared first on SecurityWeek.
Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox security updates.
The post Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website as a fake browser update.
The post New FrigidStealer macOS Malware Distributed as Fake Browser Update appeared first on SecurityWeek.
Admeritia has launched Cyber Decision Diagrams, a free tool designed to help organizations manage complex decisions related to ICS/OT cybersecurity.
The post Free Diagram Tool Aids Management of Complex ICS/OT Cybersecurity Decisions appeared ...
Lee Enterprises has shared more details on the recent cyberattack, saying the attackers encrypted and stole files.
The post Lee Enterprises Newspaper Disruptions Caused by Ransomware appeared first on SecurityWeek.
Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations.
The post How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying ...
Edge Delta announced its Security Data Pipelines. This solution empowers security teams to process, analyze, and act on security data faster and more efficiently than ever before. By enabling real-time data processing and enrichment, Edge ...
Pangea announced AI Guard and Prompt Guard to secure AI, defending against threats like prompt injection and sensitive information disclosure. Alongside the company’s existing AI Access Control and AI Visibility products, Pangea now offers ...
Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs ...
Veeam Software announced it’s bringing Recovery Orchestrator to Microsoft Hyper-V customers as part of the Veeam Data Platform. Veeam Recovery Orchestrator simplifies and automates the disaster recovery planning, testing, and execution process. ...
Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments. “What sets Kunai apart is its ability to go beyond simple event generation. While most security monitoring tools rely on syscalls or kernel ...
The cybersecurity startup landscape is at a crossroads. As venture-backed companies strive for successful exits, the bar has risen dramatically, requiring more funding, higher revenue, and faster growth than ever before. In this Help Net Security ...
Cybersecurity advice is everywhere. We’re constantly reminded to update our passwords, enable two-factor authentication, and avoid clicking suspicious links. Yet, beneath these practical steps lie deeper cyber hygiene habits that, despite their ...