Application Security News and Articles
Noteworthy stories that might have slipped under the radar: Snowden file analysis, Yubico starts trading, election hacking event.
The post In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking appeared first on ...
What does data sovereignty mean for organizations and what’s the best practice for ensuring compliance?
The post Don’t Ignore Data Sovereignty appeared first on Security Boulevard.
Overview On August 29th, 2023, Qlik issued a patch for two vulnerabilities we identified in Qlik Sense Enterprise, CVE-2023-41265 and CVE-2023-41266. These vulnerabilities allowed for unauthenticated remote code execution via path traversal and ...
In the age of generative AI, identity is being exploited by attackers as a weakness in the security perimeter. Here's what to do.
The post The Battle of the Bots: Safeguarding Identity in the Age of AI appeared first on Security Boulevard.
Chinese state-sponsored threat groups have targeted telecoms, financial and government organizations in Africa as part of soft power efforts.
The post China’s Offensive Cyber Operations in Africa Support Soft Power Efforts appeared first on ...
To help protect consumers from browser-based security, privacy and identity threats, Norton, a consumer Cyber Safety brand of Gen, has released Norton Secure Browser. Just as a passport is essential for travel, web browsers are essential for ...
Canada’s largest airline says the personal information of some employees was accessed in a recent cyberattack.
The post Air Canada Says Employee Information Accessed in Cyberattack appeared first on SecurityWeek.
Keysight Technologies and Synopsys are partnering to provide internet of things (IoT) device makers with a comprehensive cybersecurity assessment solution to ensure consumers are protected when devices are shipped to market. Under the ...
Mitek announced a strategic partnership with Equifax, a global data, analytics and technology company. The agreement will add Mitek’s biometric-based identity verification and liveness detection technology to Equifax’s digital identity ...
The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely.
The post BIND Updates Patch Two High-Severity DoS Vulnerabilities appeared first on SecurityWeek.
DAT Freight & Analytics introduced an AI-powered identity fraud detection and prevention platform through a partnership with Verosint, to help prevent the unauthorized use of customer login credentials and combat the growing threat of ...
CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace.
The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek.
Contrast Security, the code security platform built for developers and trusted by security, today announced its integration with Amazon Web Services (AWS) Security Hub to offer full-spectrum security visibility, from infrastructure to ...
GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw may allow a threat actor to abuse scan execution policies to run pipelines as another ...
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited “against versions of iOS before iOS 16.7.” Bill Marczak of The ...
Anviz introduced an all-in-one intelligent security solution for the education industry – Anviz One – bolstering the security infrastructure of public and private educational institutions from K-12 to university with lower upfront investment, ...
ICS/OT security budgets have decreased in 2023 compared to last year, according to a survey conducted by SANS.
The post SANS Survey Shows Drop in 2023 ICS/OT Security Budgets appeared first on SecurityWeek.
Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.
The post Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones appeared first on SecurityWeek.
Long-term success in a time when digital agility essentially requires a strong and well-managed cloud ecosystem. To redefine the potential of your cloud infrastructure, we at PeoplActive have put together a team of cloud consulting ...
Are you in search of VAPT Services for your Company? Here’s What You Need to “Be Aware Of”. VAPT Companies will play a vital role in the business era, as technology has become so prevalent. Each component of how people use technology makes ...
