Application Security News and Articles
A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 and CVE-2024-13159 – may be ...
A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to ...
Australian government entities have been banned from using products and services of Russian cybersecurity company Kaspersky.
The post Kaspersky Banned on Australian Government Systems appeared first on SecurityWeek.
Account takeover (ATO) is one of the most prevalent attack types; Proofpoint says that in 2024, 99% of the customer tenants the company monitors were hit with at least one account takeover attempt, and 62% of the customers experienced at least ...
A Michigan man has been charged for buying compromised credentials on Genesis Market and using and selling them.
The post US Charges Genesis Market User appeared first on SecurityWeek.
Cyberattacks against supply chains have risen recently, but many risks go unnoticed and unaddressed. As cybercrime grows, supply chain professionals must embrace regular security audits.
The post Conducting Security Audits in Supply Chain ...
Explore industry moves and significant changes in the industry for the week of February 24, 2025. Stay updated with the latest industry trends and shifts.
Companies and experts have found evidence linking the $1.5 billion Bybit cryptocurrency heist to North Korean Lazarus hackers.
The post $1.5 Billion Bybit Heist Linked to North Korean Hackers appeared first on SecurityWeek.
In today’s fast-paced and interconnected world, compliance and regulatory frameworks are evolving faster than ever. The risk of falling behind on these changes can be severe. Enter horizon scanning—a concept that’s rapidly gaining traction ...
In this Help Net Security interview, Aaron Roberts, Director at Perspective Intelligence, discusses how automation is reshaping threat intelligence. He explains that while AI tools can process massive data sets, the nuanced judgment of ...
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates ...
In this Help Net Security video, Lee Waskevich, VP of Security at ePlus, discusses how AI deployment demands enhanced governance and stricter controls, particularly in managing data. The recent ePlus AI Readiness survey revealed that the top data ...
Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond.
Home Office Contractor's Data Collection Sparks Privacy Concerns
The Home Office faces scrutiny after ...
Leverage Bandit to identify security flaws in Python code as part of your DevSecOps pipeline.
Author/Presenter: Gunnar Andrews
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
The suspected Chinese state-sponsored hackers who breached ...
The post Securing Payment Pages: A Complete Guide to PCI DSS 4.0.1 Compliance for SAQ A-EP Merchants appeared first on Feroot Security.
North Korea's notorious Lazarus Group reportedly stole $1.5 billion in cryptocurrency from the Bybit exchange in what is being called the largest hack in the controversial market's history. It came the same day Coinbase executives said the SEC ...
Authors/Presenters: Adel Karimi
Over 400,000 ETH and stETH worth more than $1.5 billion were stolen from the Bybit cryptocurrency exchange.
The post Bybit Hack Drains $1.5 Billion From Cryptocurrency Exchange appeared first on SecurityWeek.