Application Security News and Articles
Originally published by Rick Howard, Sep 29, 2025
The post The Next Evolution for the Intrusion Kill Chain Prevention Strategy appeared first on Security Boulevard.
Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant to ...
NETGEAR announced a tailored security solution for small and medium-sized enterprises (SMEs). Building on an acquisition made earlier this year, NETGEAR is delivering Exium, an all-in-one Secure Access Service Edge (SASE) and hybrid firewall ...
Focused on espionage, the threat actor shares infrastructure with Chinese APTs, but uses different TTPs in attacks.
The post Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware appeared first on SecurityWeek.
As September 2025 wraps up, we’re back with the latest roundup of newly released AWS privileged permissions, and once again the cloud attack surface keeps evolving. This month’s updates span critical services including AWS IoT, Glue, ...
The company says names, contact details, and ID documents provided in connection with reservations and travel were stolen from its systems.
The post Canadian Airline WestJet Says Hackers Stole Customer Data appeared first on SecurityWeek.
TELUS Digital has released its continuous automated red-teaming application, Fuel iX Fortify. The solution helps enterprises test GenAI systems at scale and identify vulnerabilities by simulating real-world attack scenarios using advanced ...
NIST Special Publication 1334 focuses on reducing cybersecurity risks associated with the use of removable media devices in OT environments.
The post NIST Publishes Guide for Protecting ICS Against USB-Borne Threats appeared first on SecurityWeek.
The identity and access management provider will invest in agentic identity R&D, expand to new regions, and hire new talent.
The post Descope Raises $35 Million in Seed Round Extension appeared first on SecurityWeek.
This year’s theme focuses on government entities and small and medium-sized businesses that are vital to protecting the systems and services that keep our communities running.
The post Cybersecurity Awareness Month 2025:Prioritizing Identity ...
September 2025 saw major data breaches affecting Volvo, Gucci, European airports, Wealthsimple, and Harrods. From HR data to critical infrastructure, attackers exploited vendor ecosystems and third-party systems. These incidents underscore the ...
Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 ...
Impacting VMware Aria Operations and VMware Tools, the flaw can be exploited to elevate privileges on the VM.
The post Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability appeared first on SecurityWeek.
Intel and AMD say the research is not in scope of their threat model because the attack requires physical access to a device.
The post Battering RAM Attack Breaks Intel and AMD Security Tech With $50 Device appeared first on SecurityWeek.
Siemens launched SINEC Secure Connect, the zero trust security platform designed for operational technology (OT) networks. The software solution virtualizes network structures using overlay networks. It enables Machine-to-Machine, ...
Learn about Identity and Access Management (IAM), its core components, benefits, and implementation strategies. Understand how IAM enhances security and streamlines user access in modern IT environments.
The post What is Identity and Access ...
CVEs & Vulnerabilities of September 2025 reveal a wave of high-impact flaws that security teams cannot afford to ignore. From unauthenticated exploits in FreePBX to privilege escalation in Android and root-level risks in Cisco firewalls, ...
Explore the depths of retina scan authentication, from its technology and security to ethical considerations and implementation. A guide for developers and security pros.
The post An Inclusive Guide to Retina Scan Authentication appeared first on ...
360 Privacy launched 360 Strata, an advanced privacy platform designed to transform how organizations understand, manage, and reduce digital exposures. The platform empowers executives, security teams, and family offices with actionable ...
Akuity has launched new AI capabilities that enable users to detect degraded states across applications, triage incidents, and automate fixes on the Akuity platform within minutes. The platform also provides enterprise-ready continuous delivery ...
