Application Security News and Articles


Frost & Sullivan Report: Independent Security Efficacy Testing of Cato SASE Platform Using SafeBreach

See how independent analyst firm Frost & Sullivan used the SafeBreach exposure validation platform to test the efficacy of the Cato SASE Cloud Platform. The post Frost & Sullivan Report: Independent Security Efficacy Testing of Cato SASE ...

DEF CON 32 – Recon Village – Recursion is a Harsh Mistress: How (Not) To Build a Recursive Internet Scanner

Speaker: TheTechromancer. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...

Report: More Attacks Aimed at Android Devices Configured with Root Access

A report published today by Zimperium, a provider of a platform for securing mobile devices and applications, finds that devices running the Android operating system that have enabled root-level privileges are 3.5 times more likely to be ...

Optimize Your Security Budget and Improve Security with Threat-Informed Defense

I’ve been on the road lately asking security leaders how their teams reply to the question: Can we defend our most valuable information assets against techniques known to be used by this threat actor, and, if not, what can we do about ...

Microsoft Won’t Fix This Bad Zero Day (Despite Wide Abuse)

Satya says NO: Redmond blames Windows users, rather than solve 30-year-old bug—exploited since 2017. The post Microsoft Won’t Fix This Bad Zero Day (Despite Wide Abuse) appeared first on Security Boulevard.

Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing

Analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks. The post Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing appeared first on SecurityWeek.

Why rooting and jailbreaking make you a target

As cybercriminals have moved to a mobile-first attack strategy, rooting and jailbreaking mobile devices remain a powerful attack vector. Such mobile devices bypass critical security protocols, leaving organizations vulnerable to mobile malware, ...

12 Hours or Else: Hong Kong’s Cybersecurity Explained

Hong Kong has officially enacted a new cybersecurity law aimed at securing critical infrastructure, a move that brings its regulatory framework closer to mainland China’s. The Protection of Critical Infrastructures (Computer Systems) Bill, ...

Dataminr Raises $85 Million for AI-Powered Information Platform

Real-time event and risk detection firm Dataminr has raised $85 million from NightDragon and HSBC to accelerate AI development. The post Dataminr Raises $85 Million for AI-Powered Information Platform appeared first on SecurityWeek.

Cybersecurity jobs available right now in the USA: March 20, 2025

AI Security Architect, Verizon | USA | Hybrid. As an AI Security Architect, you will ensure security architecture reviews are integrated into Verizon’s AI development lifecycle. This includes embedding robust ...

Choosing the Right Cloud Security Provider: Five Non-Negotiables for Protecting Your Cloud

Protecting your cloud environment for the long term involves choosing a security partner whose priorities align with your needs. Here's what you need to know. As organizations embrace multi-cloud and hybrid environments, the complexity of ...

CISA Warns of Exploited Nakivo Vulnerability

CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list. The post CISA Warns of Exploited Nakivo Vulnerability appeared first on SecurityWeek.

Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell

A Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments. The post Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell appeared first on SecurityWeek.

Prompt Injection Attacks in LLMs: Mitigating Risks with Microsegmentation

Prompt injection attacks have emerged as a critical concern in the realm of Large Language Model (LLM) application security. These attacks exploit the way LLMs process and respond to user inputs, posing unique challenges for developers and ...

SlashNext’s URL analysis tool identifies malicious behavior

SlashNext launched a new advanced URL analysis feature that performs live, in-depth scanning of unknown URLs, tracking requests and following redirection to track the original link to its final destination. Developed specifically for complex ...

CISO survey: 6 lessons to boost third-party cyber-risk management

Third-party cybersecurity incidents are on the rise, but organizations face challenges in mitigating risks arising for the software supply chain, a survey of 200 chief information security officers (CISOs) has found. The post CISO survey: ...

Catch Me If You Can: Rooting Tools vs The Mobile Security Industry

Our zLabs team dives into why rooting and jailbreaking is a significant threat for enterprises and much more. The post Catch Me If You Can: Rooting Tools vs The Mobile Security Industry appeared first on Zimperium.

Effective Bot Management and E-Commerce Security: Protecting Retailers from Online Fraud

E-commerce thrives on real customer engagement, yet malicious bots regularly threaten to disrupt this digital ecosystem. To combat these ever-evolving attacks, retail businesses must implement modern bot management. Bot management refers to the ...

6 ITAM/SAM Steps for Oracle Java Pricing

With limited asset management capabilities, companies can make expensive mistakes. Here are six steps for Oracle Java pricing changes. The post 6 ITAM/SAM Steps for Oracle Java Pricing appeared first on Azul | Better Java Performance, ...

Application Detection and Response Analysis: Why ADR? How ADR Works, and ADR Benefits

Two highly respected technology analysts from different cybersecurity disciplines are coming together to recommend that companies consider Application Detection and Response. Organizations face a constant barrage of cyber threats, including ...