Application Security News and Articles
Fortinet has added a data loss prevention (DLP) platform to its portfolio that is based on the technology it gained with the acquisition of Next DLP earlier this year.
The post Fortinet Adds Data Loss Prevention Capability Following Acquisition of ...
As the 2024 U.S. presidential election takes place, cybersecurity analysts are on high alert, warning of voter database leaks. They are warning of an increasingly complex landscape that could jeopardize voter data security and election integrity ...
In today’s digital landscape, protecting your identity from real-time threats is more critical than ever. As a cybersecurity expert, I’ve seen an evolving spectrum of threats that go far beyond traditional identity theft. From classic dark ...
Google researchers behind the vendor's Big Sleep project used the LLM-based AI agent to detect a security flaw in SQLite, illustrating the value the emerging technology can have in discovering vulnerabilities that techniques like fuzzing ...
Authors/Presenters: Daniel Bohannon, Sabajete Elezaj
Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention ...
Private PKI (Public Key Infrastructure) is critical for trusted authentication and secure communication among internal applications, devices, workloads, machines, and services. While most organizations understand its importance, managing it ...
HTML sanitization has long been touted as a solution to prevent malicious content injection. However, this approach faces numerous challenges. In this blog post, we'll explore the limitations of server-side HTML sanitization and discuss why ...
The U.S. Securities and Exchange Commission (SEC) recently announced fines amounting to nearly $7 million for violations of financial disclosure rules in the wake of the SunBurst attack on SolarWinds.
The post SEC action raises the bar on ...
Lumifi announces the acquisition of Critical Insight, marking its third acquisition in 13 months. This strategic move expands Lumifi’s service offerings and strengthens its presence in the healthcare and critical infrastructure ...
Unknown attackers are trying to trick Windows users into spinning up a custom Linux virtual machine (VM) with a pre-configured backdoor, Securonix researchers have discovered. The campaign: The attack began with a phishing email, they believe, but ...
Building cyber resilience so that you can persistently prevent, withstand, and recover from disruptions to your network infrastructure is becoming increasingly important.
The post Strengthen Cyber Resilience: A Checklist for ITOps and SecOps ...
Contributors to this post: Mickey Shkatov, Alex Bazhaniuk. So What Happened? Last week, Sophos released a bombshell report on what they’re calling “Pacific Rim”—and no, we’re not talking about giant robots fighting sea monsters. Sophos ...
I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in ...
The reality is that, despite our best efforts, breaches happen. And there’s a lot less information on how to respond versus how to prevent.
The post Recovering From a Breach: 4 Steps Every Organization Should Take appeared first on ...
Security and development teams often face a tough challenge: delivering a secure, quality product quickly without bogging down the pipeline. Security testing is traditionally squeezed in late, sometimes even right...
The post How PTaaS Supports ...
Google has delivered fixes for two vulnerabilities endangering Android users that “may be under limited, targeted exploitation”: CVE-2024-43047, a flaw affecting Qualcomm chipsets, and CVE-2024-43093, a vulnerability in the Google ...
In this study, GitGuardian and CyberArk reveal the stark reality of secrets management across 1,000 organizations. With 79% experiencing secrets leaks and an average remediation time of 27 days, the findings expose critical gaps between security ...
As security teams level up to support the cloud-native transition, three major issues keep impeding detection and response in the cloud.
The post Three ‘Must Solve’ Challenges Hindering Cloud-Native Detection and Response appeared first on ...
BigID launched Data Security Posture Management (DSPM) Starter App, built natively in Snowflake and using the Snowflake Native App Framework. BigID’s DSPM Starter App will be available via Snowflake Marketplace and provide rapid data ...
Has your organization tested its OT security incident response plan in the last 6 months? Do you remember when you last checked your institutional OT security awareness levels? Are your OT security programs running in compliance with IEC 62443? ...