Application Security News and Articles


CoralRaider Group Delivers Three Infostealers via CDN Cache

A threat group that’s been around since last year and was first identified earlier this month is using three high-profile information stealers in a wide-ranging campaign to harvest credentials, financial information, and cryptocurrency wallets ...

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, ...

Daniel Stori’s ‘New Job’

via the inimitable Daniel Stori at Turnoff.US! The post Daniel Stori’s ‘New Job’ appeared first on Security Boulevard.

DirectDefense Report Sees Shifts in Cyberattack Patterns

Cyberattacks are continuing to become more sophisticated even as defenders become more adept at thwarting existing threats. The post DirectDefense Report Sees Shifts in Cyberattack Patterns appeared first on Security Boulevard.

Secure-by-Design Software in DevSecOps

In this new series, CJ May shares his expertise in implementing secure-by-design software processes. The second part of his DevSecOps program is all about implementing secure-by-design software pipelines. The post Secure-by-Design Software in ...

USENIX Security ’23 – Snapping Snap Sync: Practical Attacks on Go Ethereum Synchronising Nodes

Authors/Presenters: *Massimiliano Taverna and Kenneth G. Paterson* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open Access. Originating from the ...

How AI is Revolutionizing B2B SaaS: Driving Growth, Saving Time, and Boosting Your Bottom Line

AI is changing the game for B2B SaaS. Discover how it drives growth, boosts efficiency, and cuts costs. Get ahead of the curve! The post How AI is Revolutionizing B2B SaaS: Driving Growth, Saving Time, and Boosting Your Bottom Line appeared ...

1Kosmos CSP enables government agencies to digitally verify resident identity

1Kosmos has expanded its offerings for the identity verification and passwordless market with the introduction of a new Credential Service Provider (CSP) managed service based on the privacy-by-design 1Kosmos platform. The 1Kosmos CSP offering ...

Cyberint platform enhancements boost protection against external threats

Cyberint has unveiled a series of platform updates aimed at bolstering client protection against external threats. Cyberint’s recent platform innovations provide several new capabilities that support a range of strategic security ...

The Next Chapter of Behavioral Threat Assessment for Ontic and SIGMA

Our mission at Ontic is to keep people safe and make organizations stronger. We wake up every day thinking about new ways to help security teams be more efficient and effective in doing their important work. A little over two years ago, we ...

Zero Networks unveils identity segmentation solution to prevent credential theft

Zero Networks announced the addition of identity segmentation capabilities within the Zero Networks platform. As stolen credentials remain a top threat facing organizations, this new identity segmentation solution stops privileged account abuse ...

Nigeria, Romania, Russia, U.S. Among Top Cybercrime Nations

Russia and Ukraine topped a list of cybercrime-producing nations, followed by China and the United States, with African nation Nigeria rounding out the top five. The post Nigeria, Romania, Russia, U.S. Among Top Cybercrime Nations appeared first ...

Is Manual SOX Audit Prep Burning Out Your Team (And Your Budget)?

Company Controllers and Directors of Internal Audit are intimately familiar with the complexities and resource demands of SOX audits. While meticulous adherence to regulations is paramount, relying solely on manual processes for audit preparation ...

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical ...

Dan Solove on Privacy Regulation

Law professor Dan Solove has a new article on privacy regulation. In his email to me, he writes: “I’ve been pondering privacy consent for more than a decade, and I think I finally made a breakthrough with this article.” His ...

Global attacker median dwell time continues to fall

While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target ...

Comcast Business MDR limits the impact of cyber threats

Comcast Business has expanded its cybersecurity portfolio with the launch of its Comcast Business Managed Detection and Response (MDR) solution. The solution combines an advanced security analytics platform and Security Operations Center (SOC) to ...

New Relic AI monitoring helps enterprises use AI with confidence

New Relic announced New Relic AI monitoring with a suite of new features to meet the evolving needs of organizations developing AI applications. New features include in-depth AI response tracing insights with real-time user feedback and model ...

Secureworks enables users to view known vulnerabilities in the context of threat data

Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The ...

GISEC Global 2024 video walkthrough

In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features the following vendors: Sophos, Waterfall Security Solutions, UAE Cyber ...