Application Security News and Articles
It’s been a while since I’ve been away from CTF challenges; now it’s a good time to go again!
Author/Presenter: Ariana Mirian
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and ...
As enterprises brace for a new wave of stealthy intrusions — so-called Typhoon attacks — security leaders are doubling down on network intelligence that goes beyond surface-level alerts.
Related: What is NDR?
In this RSAC 2025 Fireside Chat, ...
AttackIQ has released a new attack graph emulating the behaviors exhibited by Helldown ransomware since its emergence in August 2024. Helldown is operated by the eponymous and still largely undocumented adversary, which employs double extortion ...
Gone are the days of mass phishing campaigns. Today’s attackers are leveraging generative AI (GenAI) to deliver hyper-targeted scams, transforming every email, text, or call into a calculated act of manipulation. With flawless lures and tactics ...
by Source Defense A recent incident at Blue Shield of California highlights the critical importance of client-side security controls when implementing third-party scripts on healthcare websites. The nonprofit health plan has disclosed a ...
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Tennis Balls’ appeared first on Security Boulevard.
One year in, Account Protect now offers smarter fraud detection, deeper SDK support, and easier list management—helping businesses fight fraud with less friction.
The post A Year of Evolution: How Account Protect Has Grown Since Launch appeared ...
Hundreds of companies are showcasing their products and services at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 – Pre-Event Announcements Summary (Part 1) appeared first on SecurityWeek.
Researchers from security firm ARMO developed a POC rootkit called Curing that showed how the io_uring interface in Linux could be exploited by bad actors to bypass system calls, creating what they called a "massive security loophole" in the ...
It’s that time of year again: Verizon Business has released the 2025 edition of the Data Breach Investigations Report (DBIR), its 18th-annual report on cybercrime. The DBIR is famous for how well it captures the current state of things, ...
Jericho Security has raised $15 million in Series A funding for its AI-powered employee cybersecurity training platform.
The post Jericho Security Gets $15 Million for AI-Powered Awareness Training appeared first on SecurityWeek.
Harness today unfurled a cloud web application and application programming interface (API) protection (WAAP) platform that makes it simpler for security operations (SecOps) teams to defend application environments.
The post Harness Adds Traceable ...
Authors/Presenters: Arun Vishwanath, Fred Heiding, Simon Lermen
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the ...
Learn how SonarQube detected a Cross-Site Scripting (XSS) vulnerability in Grafana, a popular open-source data observability platform.
The post Data in Danger: Detecting Cross-Site Scripting in Grafana appeared first on Security Boulevard.
As RSAC 2025 convenes next week in San Francisco, digital trust is poised to take center stage.
Related: PKI and the IoT cloud
One quiet but consequential development now taking root in the financial sector could prove pivotal: the emergence … ...
The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices.
The post Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances appeared first on SecurityWeek.
HYCU introduces R-Shield to provide comprehensive cyber resilience across SaaS, cloud, and on-premises environments as organizations face growing supply chain attacks.
The post HYCU Tackles SaaS Data Protection With New R-Shield Solution appeared ...
Organizations must avoid relying solely on traditional backups because ransomware attacks are occurring more often and becoming more expensive and complex.
The post Beyond Backups: Building a Ransomware Response Playbook That Works appeared first ...
Most corporate leaders now agree that cybersecurity is a vital business function. But dig deeper and their reasons for saying so may differ. Cyber is often still viewed primarily through a lens of minimizing business risk, rather than enabling ...