Application Security News and Articles


Application Detection and Response (ADR) Gives the SOC Deep Visibility into the Application Layer | Contrast Security

The life of a Security Operations Center (SOC) analyst is often compared to navigating a vast and dangerous ocean. While tools like Intrusion Detection Systems (IDS), Cloud-Native Application Protection Platforms (CNAPP), and Endpoint Detection ...

DEF CON 32 – GPS Spoofing It’s About Time, Not Just Position

Authors/Presenters: Ken Munro. Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...

The Future of AI Agent Authentication: Ensuring Security and Privacy in Autonomous Systems

Dive into the world of AI agent authentication, where cutting-edge security meets autonomous systems. Discover how delegation tokens, real-time verification, and multi-layer security protocols work together to ensure safe and private AI ...

CyberArk Expands Identity Security Play with $165M Acquisition of Zilla Security

CyberArk acquires early stage Boston startup Zilla Security for $165M, expanding its identity security and IGA capabilities. The post CyberArk Expands Identity Security Play with $165M Acquisition of Zilla Security appeared first on SecurityWeek.

How Infostealers Are Creating a Data Breach Epidemic

When threat actors get their hands on legitimate corporate credentials, it makes blocking unauthorized intrusions far more challenging. Yet that’s exactly what’s happening across the globe, thanks to the growing popularity of infostealer ...

DeepSeek Exposes Major Cybersecurity Blind Spot

Millions of uninformed users have flocked to DeepSeek and share personal information without considering security or privacy risks. The post DeepSeek Exposes Major Cybersecurity Blind Spot appeared first on SecurityWeek.

Palo Alto Networks Unifies Cloud Security Portfolio

Palo Alto Networks today updated its Cortex Cloud platform to integrate the company’s cloud-native application protection platform (CNAPP) known as Prisma Cloud into a platform that provides a wider range of cloud security capabilities. The ...

Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats

Palo Alto Networks introduced Cortex Cloud, the next version of Prisma Cloud, that natively brings together new releases of its cloud detection and response (CDR) and cloud native application protection platform (CNAPP) capabilities on the ...

We’re partnering to strengthen TON’s DeFi ecosystem

TVM Ventures has selected Trail of Bits as its preferred security partner to strengthen the TON developer ecosystem. Through this partnership, we’ll lead the development of DeFi protocol standards and provide comprehensive security services to ...

Sandworm APT’s initial access subgroup hits organizations across the globe

A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, ...

Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job

A toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual. The post Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job appeared first on SecurityWeek.

Azure RBAC Privilege Escalations: Azure VM

Microsoft Azure provides administrators with controls to limit the actions a principal can take within the cloud environment. These actions can broadly be split into two categories: those that impact the Entra ID tenant and those that affect the ...

SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024

An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024. The post SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024 appeared first on SecurityWeek.

Jscrambler Raises $5.2 Million for Code, Webpage Protection Solution

Jscrambler has received a $5.2 million investment from Iberis Capital to accelerate innovation and research. The post Jscrambler Raises $5.2 Million for Code, Webpage Protection Solution appeared first on SecurityWeek.

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability. The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on ...

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges

Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks. The post Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges appeared first on SecurityWeek.

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks ...

Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability

Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers. The post Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability appeared first on SecurityWeek.

The SaaS Sprawl of 2025: Tackling the Unseen Security Risks

Tackling the Digital Mess: The other day, a technician came over to help me with an unresponsive computer. After bringing it back to life, he started rifling through my installed programs. “What’s this one for?” he asked. “And this one?” ...

Salvador Tech releases Edge-Recovery Platform

Salvador Tech introduced an Edge-Recovery Platform, a leap forward in comprehensive cyber resilience in the Operational Technology (OT) and Industrial Control Systems (ICS) landscape. This new platform will deliver a solution that enables instant ...