Application Security News and Articles
VPN technologies have long been a backbone of remote access — but according to new ThreatLabz research, the security risks and performance challenges of VPNs may be rapidly changing the status quo for enterprises. The Zscaler ThreatLabz 2025 ...
On March 25, 2025, NIST released the initial public draft of NIST SP 800-228, "Guidelines for API Protection for Cloud-Native Systems." The document provides a comprehensive framework for securing APIs in cloud-enabled environments. However, ...
Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet.
The post Europol Targets Customers of Smokeloader Pay-Per-Install Botnet appeared first on SecurityWeek.
Exhibiting at the RSAC conference at the Moscone Center in San Francisco is always exciting; we get to speak with our customers and prospective customers, analysts, and partners. Our team is ready, our engineers are set up to show demos of our ...
Author/Presenter: Dave Bailey
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and ...
Trump orders a termination of any active security clearances held by Krebs and a suspension of clearances held by individuals at SentinelOne.
The post Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs appeared first on SecurityWeek.
The Payment Card Industry Security Standards Council (PCI SSC) continues to evolve its flagship data security standard. The latest version encourages complying organizations to move away from traditional, periodic audits to a process of ...
Juniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies.
The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek.
CyberArk announced the CyberArk Secure AI Agents Solution, which will allow organizations to implement identity-first security for agentic AI using the CyberArk Identity Security Platform. The solution will help organizations mitigate new and ...
The post What is DSPM? Understanding Data Security Posture Management appeared first on Votiro.
The post What is DSPM? Understanding Data Security Posture Management appeared first on Security Boulevard.
Learn how BluOcean overcame its client’s challenges with SaaS misconfigurations and how AppOmni’s SaaS security platform helped build a scalable, proactive SaaS security program.
The post How BluOcean Cyber Revolutionized SaaS Security and ...
US President Donald Trump has signed an Executive Order on Wednesday to revoke security clearance held by Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), and his colleagues at SentinelOne. ...
If your organization handles sensitive financial information, you must implement security measures that fulfill the Payment Card Industry Data Security Standard (PCI DSS) requirements. The most commonly used methods for securing cardholder data ...
Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows.
The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek.
New domains are up 7.39%, with 2.9 million malicious domains detected. Chinese gambling sites dominate the Top 20 TLDs, while .top remains a hotspot for abuse - this time with a spike in toll road scams. Read the full report here.
The post Domain ...
Compromised passwords remain one of the most common—and preventable—ways attackers gain access to systems. Despite advancements in security tools, weak and reused credentials still leave organizations wide open to phishing, credential ...
GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications.
The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek.
Researchers find vulnerabilities that can be exploited to remotely take control of a Nissan Leaf’s functions, including physical controls.
The post Nissan Leaf Hacked for Remote Spying, Physical Takeover appeared first on SecurityWeek.
Sensata has informed the SEC that shipping, manufacturing and other operations have been impacted by a ransomware attack.
The post Operations of Sensor Giant Sensata Disrupted by Ransomware Attack appeared first on SecurityWeek.
Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges ...
