Application Security News and Articles
Former RNC official Sean Cairncross has been nominated for the post of National Cyber Director to streamline the US cybersecurity strategy.
The post Sean Cairncross is Trump Nominee for National Cyber Director appeared first on SecurityWeek.
Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, ...
Ransomware continues to be a formidable threat in the cybersecurity landscape, evolving in complexity and sophistication. It is a type of malicious software that encrypts a victim’s files or restricts access to their system, demanding payment ...
Malware, a contraction of “malicious software,” encompasses any intrusive program developed by cybercriminals to compromise data integrity, damage systems, or gain unauthorized access. This broad category includes viruses, ransomware, ...
In December Azul announced that the integrated risk management practices for its OpenJDK solutions fully support the requirements of the European Union’s Digital Operational Resilience Act (DORA) provisions. The stability, resilience and ...
With 2025 in full swing, it's clear this year will be transformational as the open source landscape continues to evolve faster than ever. Helping developers navigate this environment is why Sonatype exists, and we view the relationships we have ...
Check out best practices for preventing buffer overflow attacks. Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ...
In the latest edition of “Rising Tides” we talk with Lesley Carhart, Technical Director of Incident Response at Dragos.
The post Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition appeared ...
Meta received close to 10,000 vulnerability reports and paid out over $2.3 million in bug bounty rewards in 2024.
The post Meta Paid Out Over $2.3 Million in Bug Bounties in 2024 appeared first on SecurityWeek.
Speed is everything in the modern business world. Our attention spans are shorter than ever, consumers demand short and seamless interactions, and the slightest delay in service delivery can see organizations fall far behind their competitors. ...
Donald Trump and Elon Musk’s chaotic approach to reform is upending government operations. Critical functions have been halted, tens of thousands of federal staffers are being encouraged to resign, and congressional mandates are being ...
Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool.
The post In Other News: $10,000 YouTube Flaw, ...
Choosing the right DMARC tool is essential for protecting your domain from email spoofing and phishing attacks. Explore the top DMARC tools and their features.
The post Top 6 DMARC Tools in 2025 appeared first on Security Boulevard.
The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published.
The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek.
China-linked APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US and abroad.
The post Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks appeared first on ...
ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.
The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek.
Identity management provider SGNL has raised $30 million in a Series A funding round led by Brightmind Partners.
The post SGNL Raises $30 Million for Identity Management Solution appeared first on SecurityWeek.
Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.
The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek.
Grip Security has unveiled its SaaS Security Posture Management (SSPM) solution, which proactively identifies misconfigurations, enforces best practices and strengthens SaaS security posture against emerging risks. Unlike traditional SSPM ...
2024 is set to be a record year for scammers who received at least US$9.9 billion in crypto revenues from their illicit activities, according to Chainalysis. This figure is projected to rise to an all-time high of $12.4 billion as ongoing ...
