Application Security News and Articles


Compensating Controls, Customized Approach and Tokenization in PCI DSS 4.0

The Payment Card Industry Data Security Standard (PCI DSS) has always been considered one of the most prescriptive industry mandates around. And well might it be, given what’s at stake. As breach volumes surge and threat actors find it ever ...

Simplifying SaaS Security with the Power of GenAI

Learn how AI is transforming SaaS security and why AI-driven security is not just an advantage to your SaaS ecosystems, but a necessity that will help redefine how critical data is protected. The post Simplifying SaaS Security with the Power of ...

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Check out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal contractors to adopt vulnerability disclosure ...

FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail

An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid. The post FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail appeared first on SecurityWeek.

Microsoft Says One Million Devices Impacted by Infostealer Campaign

Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub. The post Microsoft Says One Million Devices Impacted by Infostealer Campaign appeared first on SecurityWeek.

Cyberattack Disrupts National Presto Industries Operations

National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions. The post Cyberattack Disrupts National Presto Industries Operations appeared first on SecurityWeek.

18,000 Organizations Impacted by NTT Com Data Breach

NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations. The post 18,000 Organizations Impacted by NTT Com Data Breach appeared first on SecurityWeek.

Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware

Dozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting. The post Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware appeared ...

New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance

Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities. The post New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance appeared ...

How to Build a Robust Cloud Security Strategy: Key Solutions and Tips

As businesses continue to shift their operations to the cloud, ensuring robust cloud security has never been more critical. While the cloud offers flexibility, scalability, and cost-effectiveness, it also introduces a host of new security ...

Medusa Ransomware Attacks Increase

The number of Medusa ransomware attacks observed in the first two months of 2025 doubled compared to the same period last year. The post Medusa Ransomware Attacks Increase appeared first on SecurityWeek.

Armis acquires OTORIO to strengthen OT and IoT security

Armis has acquired OTORIO, a provider of OT/ICS cyber security solutions. This accelerates Armis’ rollout of an on-premises version of its Cyber Exposure Management platform, Armis Centrix, and cements its leadership in cyber physical systems ...

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek.

What is DNS Hijacking: Detection, Prevention, and Mitigation

Discover how DNS hijacking works, explore real-world examples and discover effective ways to detect, prevent, and fix DNS hijacking with actionable strategies. The post What is DNS Hijacking: Detection, Prevention, and Mitigation appeared first ...

Best Vulnerability Scanning Tool in 2025: AutoSecT

In the constantly evolving world of cybersecurity, hackers continuously seek out vulnerabilities, exploit misconfigurations, and attempt to breach IT infrastructures. To counter these threats, vulnerability scanning tools serve as a crucial ...

Can AI-powered gamified simulations help cybersecurity teams keep up?

Traditional training often lacks the hands-on experience cybersecurity teams need to counter advanced threats. AI-powered gamified simulations combine artificial intelligence with interactive learning to enhance their skills. Conventional ...

AI threats and workforce shortages put pressure on security leaders

In this Help Net Security video, John Grancarich, Fortra’s Chief Strategy Officer, discusses the 2025 Fortra State of Cybersecurity Survey and highlights escalating concerns among security professionals about AI-driven threats and a ...

Indictments of Chinese Cyber Spies Reveal Hacker-For-Hire Operation

The U.S. DOJ indicted a dozen Chinese nationals for their role in a years-long hacker-for-hire campaign that included the Chinese government using private companies and freelance hackers to steal data from U.S. and other governments while ...

New infosec products of the week: March 7, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Outpost24, Palo Alto Networks, Red Canary, and Sonatype. Outpost24 introduces CyberFlex to streamline attack surface management and pen testing Outpost24 ...

Armis Acquires Otorio to Expand OT and CPS Security Suite

The transaction is valued in the range of $120 million and gives Armis an on-premises CPS solution. The post Armis Acquires Otorio to Expand OT and CPS Security Suite appeared first on SecurityWeek.