Application Security News and Articles


Randall Munroe’s XKCD ‘March Madness’

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! The post Randall Munroe’s XKCD ‘March Madness’ appeared first on Security Boulevard.

5 Ways Executive Threat Protection Supports Corporate Cybersecurity

With an estimated $188.36 billion invested in information security and risk-management cybersecurity in 2023, corporations understand the essential nature of cybersecurity in protecting their human, capital, and data assets. However, even with ...

GNOME 44 features improved settings panels for Device Security

GNOME 44, code-named Kuala Lumpur, is now available. The GNOME Circle now includes many new apps, and both the Software and Files apps have undergone enhancements. The new version features a grid view in the file chooser, improved settings panels ...

Backslash Snags $8M Seed Financing for AppSec Tech

Backslash Security banks seed-stage capital to build new technology to identify and mitigate “toxic code flows” in cloud-native applications. The post Backslash Snags $8M Seed Financing for AppSec Tech appeared first on SecurityWeek.

‘Badsecrets’ Open Source Tool Detects Secrets in Many Web Frameworks

Black Lantern Security introduces Badsecrets, an open source tool for identifying known or weak cryptographic secrets across multiple platforms. The post ‘Badsecrets’ Open Source Tool Detects Secrets in Many Web Frameworks appeared ...

USENIX Security ’22 – Harshad Sathaye, Martin Strohmeier, Vincent Lenders, Aanjhan Ranganathan – ‘An Experimental Study Of GPS Spoofing And Takeover Attacks On UAVs’

Our thanks to USENIX for publishing their presenters’ outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel. The post USENIX Security ’22 – Harshad Sathaye, Martin Strohmeier, ...

High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian

Cisco Talos researchers found two high-severity vulnerabilities in WellinTech’s KingHistorian industrial data historian software. The post High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian appeared first on SecurityWeek.

How to Handle AWS Secrets

In this blog post, we'll cover some best practices for managing AWS secrets when using the AWS SDK in Python. The post How to Handle AWS Secrets appeared first on Security Boulevard.

Chrome 111 Update Patches High-Severity Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers. The post Chrome 111 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.

Navigating Cloud Security: Why Segregating Environments from Dev to Production is so Important

Segregation in cloud environments is important for security - this post explores why and offers best practice tips for acting on it. The post Navigating Cloud Security: Why Segregating Environments from Dev to Production is so Important appeared ...

7 Data Protection Measures to Track Cloud Services Data

Data tracking in cloud services and data warehouses is vital to data protection. Update your cloud security strategy with 7 key data protection measures. The post 7 Data Protection Measures to Track Cloud Services Data appeared first on Security ...

BreachForums Shut Down Over Law Enforcement Takeover Concerns

The popular cybercrime forum BreachForums is being shut down following the arrest of Conor Brian Fitzpatrick, who is accused of running the website. The post BreachForums Shut Down Over Law Enforcement Takeover Concerns appeared first on ...

CISA Adds Experts to Cybersecurity Committee, Updates Baseline Security Goals

CISA announces adding more experts to its Cybersecurity Advisory Committee and updating the Cybersecurity Performance Goals. The post CISA Adds Experts to Cybersecurity Committee, Updates Baseline Security Goals appeared first on SecurityWeek.

Elevate Cybersecurity Resilience With PCI-DSS 4.0

Earlier this year, the PCI Security Standards Council revealed version 4.0 of their payment card industry data security standard (PCI-DSS). While organizations won’t need to be fully compliant with 4.0 until March 2025, this update is their ...

Malware Trends: What’s Old is Still New

Many of the most successful cybercriminals are shrewd; they want good ROI, but they don’t want to have to reinvent the wheel to get it. The post Malware Trends: What’s Old is Still New appeared first on SecurityWeek.

Introducing the Executive Dashboard

The Executive Dashboard is CyberSaint’s latest addition to the CyberStrong platform. Chief Information Security Officers (CISO) and security leaders can use this new dashboard to take control of cyber risk communication and drive informed ...

Lessons from a Scam Artist

What do a government scam, an IT support scam and a romance scam have in common? They all use psychology […] The post Lessons from a Scam Artist appeared first on Security Boulevard.

Weak Passwords Offer Easy Access to Enterprise Networks

Poor password practices continue to put businesses at risk, with nearly 90% of passwords used in successful attacks consisting of 12 characters or less, indicating additional security measures are required to protect access to sensitive data. ...

Burnout in Cybersecurity – Can it be Prevented?

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress. The post Burnout in Cybersecurity – Can it be Prevented? appeared first ...

Spain Needs More Transparency Over Pegasus: EU Lawmakers

Spain needs more transparency over the Pegasus spyware hacking scandal, a European Parliament committee said. The post Spain Needs More Transparency Over Pegasus: EU Lawmakers appeared first on SecurityWeek.