Application Security News and Articles
Vanta announced a series of new features and capabilities to help security and GRC teams seamlessly collaborate across their organization and extended network. These releases—including team-based collaboration and granular user access, an ...
State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for the last eight years, researchers with Trend Micro’s Zero Day ...
1Kosmos announced 1Kosmos 1Key for shared account login environments. With FIDO-compliant biometric authentication, 1Kosmos 1Key addresses the pressing need for security, accountability, and auditability in settings where multiple users access ...
Elastic announced an expanded partnership with an integrated offering that includes Tines Workflow Automation and the Elastic Search AI Platform to simplify security and observability workflow automation. The partnership equips security teams ...
Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.
The post Chinese Hacking Group MirrorFace Targeting Europe appeared first on SecurityWeek.
Austin, TX, United States, 19th March 2025, CyberNewsWire
The post SpyCloud’s 2025 Identity Exposure Report Reveals the Scale and Hidden Risks of Digital Identity Threats appeared first on Security Boulevard.
A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
The post Scareware Combined With Phishing in Attacks Targeting macOS Users appeared first on SecurityWeek.
Today’s enterprises face an unprecedented cybersecurity challenge. The digital transformation that drives business innovation also exponentially expands the attack surface. Sophisticated threat actors deploy advanced techniques including ...
I had the honour of being invited as the first guest on a new podcast hosted by the wonderful Lisa Forte, and Sarah Armstrong Smith where we got to sit down and talk about insider threats. Well, more specifically, around the story where a fake ...
Microsoft has shared details on StilachiRAT, an evasive and persistent piece of malware that facilitates sensitive data theft.
The post Microsoft Warns of New StilachiRAT Malware appeared first on SecurityWeek.
Cloudflare launched the Cloudforce One threat events platform to provide real-time intelligence on cyberattacks occurring across the Internet. Based on telemetry from Cloudflare’s massive global network, Cloudforce One’s threat events ...
Cytex launched AICenturion, a LLM Firewall with Data Loss Prevention (DLP) capabilities. GenAI’s risks intensify as LLMs prevent enterprises from directly controlling their processes and data handling. AICenturion provides the trust, risk ...
Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools like chatbots. Others, however, have integrated agentic AI directly into their business procedures and ...
TXOne Networks announced Version 3.2 of its Stellar solution, further enhancing its capabilities from endpoint protection to more comprehensive detection and response in operational technology (OT) environments. Stellar simplifies the journey ...
Keysight Technologies announces the expansion of its Keysight Vision Network Packet Brokers (NPBs), with the introduction of AI Insight Brokers. These enhanced NPBs are designed to improve the performance of AI-driven cybersecurity operations ...
Outseer announced its platform-native Behavioral Biometrics capability. The addition of platformized Behavioral Biometrics introduces another layer of defense that continuously analyzes user interactions to detect anomalies in real time. Building ...
Orion Security announced a $6 million Seed funding round led by Pico Partners and FXP with participation from Underscore VC and cybersecurity leaders including the founders of Perimeter 81 and the CISO of Elastic. Founded by CEO Nitay Milner, ...
Overview Recently, NSFOCUS CERT detected that Microsoft released a security announcement and fixed the spoofing vulnerability of Windows File Explorer (CVE-2025-24071), with a CVSS score of 7.5. Due to the implicit trust and automatic file ...
In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and ...
Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. ...
