Application Security News and Articles


Cybersecurity Insights with Contrast CISO David Lindner | 05/02/25

Insight No. 1 — Know which vulnerabilities are active in production Consider this: your pre-production scans might flag hundreds of vulnerabilities, but which ones are actually being exploited in your live environment? The uncomfortable truth ...

Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures

The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on ...

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post In Other News: NullPoint ...

New Microsoft accounts will be “passwordless by default”

Microsoft is making new Microsoft accounts passwordless by default, the company announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the ...

NCSC Guidance on “Advanced Cryptography”

The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided ...

UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks

Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks. The post UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks appeared first on SecurityWeek.

Nova Scotia Power Says Hackers Stole Customer Information

Nova Scotia Power’s investigation has shown that the recent cyberattack resulted in the theft of some customer information. The post Nova Scotia Power Says Hackers Stole Customer Information appeared first on SecurityWeek.

IRONSCALES + Sherweb: Delivering Smarter, Scalable MSP Email Security

We’re proud to announce our new partnership with Sherweb, a leading cloud solutions provider trusted by over 7,000 MSPs and 85,000 businesses across North America. This collaboration brings IRONSCALES self-learning, AI-driven email security ...

RSA Conference 2025 Announcement Summary (Day 3)

Hundreds of companies showcased their products and services this week at the 2025 edition of the RSA Conference in San Francisco. The post RSA Conference 2025 Announcement Summary (Day 3) appeared first on SecurityWeek.

Microsoft Accounts Go Passwordless by Default

Microsoft is prioritizing passwordless sign-in and sign-up methods, and is making new accounts passwordless by default. The post Microsoft Accounts Go Passwordless by Default appeared first on SecurityWeek.

Use AI-Driven Reconnaissance to Identify Cyber Threats

Surviving in the digital world is not about stopping the next attack. It’s about preventing any new attack from surfacing. It’s about cyberdefense – predictively and not just reactively. Like the time when GPS revolutionized navigation by ...

Preventing Sophisticated Phishing and MFA Bypass in Entra ID

Sophisticated phishing attacks bypass Microsoft ADFS MFA. Learn protective measures to safeguard your organization against these threats! The post Preventing Sophisticated Phishing and MFA Bypass in Entra ID appeared first on Security Boulevard.

Microsoft Urges 1 Billion Users: Ditch Passwords for Security

How Microsoft is eliminating passwords for enhanced security through passkeys, and what it means for users. Embrace passwordless authentication today! The post Microsoft Urges 1 Billion Users: Ditch Passwords for Security appeared first on Security ...

Ukrainian Nefilim Ransomware Affiliate Extradited to US

Ukrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses. The post Ukrainian Nefilim Ransomware Affiliate Extradited to US appeared first on SecurityWeek.

Opsera improves GitHub security management

Opsera announced new Advanced Security Dashboard capabilities that, available as an extension of Opsera’s Unified Insights for GitHub Copilot, help enterprises maximize the benefits of GitHub Advanced Security (GHAS). Opsera now connects ...

Anviz unveils biometric access control solution

Anviz launched W2 Face, its latest hybrid biometric access control and attendance terminal. Designed to meet the needs of modern enterprises, the W2 Face combines facial recognition, fingerprint authentication, and RFID capabilities in a compact, ...

AI and automation shift the cybersecurity balance toward attackers

Threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders, according to Fortinet. The post AI and automation shift the cybersecurity balance toward ...

Phone theft is turning into a serious cybersecurity risk

Phone theft is a rising issue worldwide, and it’s more than just a property crime. It’s a serious cybersecurity threat. In the UK alone, the Metropolitan Police recovers 1,000 phones each week. Stolen phones don’t just go to local black ...

People know password reuse is risky but keep doing it anyway

35% of Gen Z said they never or rarely update passwords after a data breach affecting one of their accounts, according to Bitwarden. Only 10% reported always updating compromised passwords. 38% of Gen Z and 31% of Millennials only change a single ...

Half of red flags in third-party deals never reach compliance teams

Third-party risk management (TPRM) is compromised in many organizations because those holding the relationship with the third party (relationship owners) don’t reliably escalate red flags to compliance teams, according to Gartner. The post Half ...