Application Security News and Articles


Privacy Concerns with Digital Driver’s Licenses, The Rise of DeepSeek AI

In this episode, we explore the rollout of digital driver’s licenses in states like Illinois and the potential privacy issues that come with them. Can digital IDs truly enhance convenience without compromising your privacy? We also discuss the ...

BadDNS: Open-source tool checks for subdomain takeovers

BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – ...

Only 3% of organizations have a dedicated budget for SaaS security

Mid-market organizations are grappling with managing the large volume of SaaS applications, both sanctioned and unsanctioned, with actual numbers often exceeding expectations, according to Cloud Security Alliance. Security teams are struggling ...

How to use iCloud Private Relay for enhanced privacy

iCloud Private Relay, included with an iCloud+ subscription, enhances your privacy while browsing the web in Safari. When this feature is enabled, the traffic leaving your iPhone is encrypted and routed through two separate internet relays. This ...

Industry Moves for the week of February 3, 2025 - SecurityWeek

Explore industry moves and significant changes in the industry for the week of February 3, 2025. Stay updated with the latest industry trends and shifts.

DEF CON 32 – Navigating the Turbulent Skies of Aviation Cyber Regulation

Authors/Presenters: M. Weigand, S. Wagner Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; ...

Hackers Hijack JFK File Release: Malware & Phishing Surge

Veriti Research has uncovered a potentially growing cyber threat campaign surrounding the release of the declassified JFK, RFK, and MLK files. Attackers are capitalizing on public interest in these historical documents to launch potential malware ...

Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) Apple has shipped a fix for a zero-day vulnerability ...

LDAP Injection: A SAST Vulnerability

What Is LDAP Injection attack? Code Examples and Prevention

Core Features in NSFOCUS RSAS R04F04 1-2

In the new NSFOCUS RSAS version R04F04, we optimized several core features and functions. In this post, we will focus on the optimization of the product interface function process during the vulnerability scanning process. Efficient Asset ...

Innovations in Identity and Access Management

Are IAM Innovations the Future of Cybersecurity? Identity and Access Management (IAM) has become instrumental in maintaining an effective cybersecurity strategy. As the digital sphere continues to expand, fostering innovations in IAM is crucial ...

Why Secrets Management Can Ease Your Security Woes

Is Your Organization Truly Safe from Cyber Threats? Businesses across sectors rely on cloud technologies to drive operational efficiency and competitive advantage. Yet, this digital transformation brings with it hidden dangers, particularly. As ...

Empowering Teams with Enhanced Privileged Access

Why is NHI Management Crucial to Cybersecurity? Often we overlook the role played by non-human identities (NHIs) in our interconnected digital ecosystem. Their immense significance in securing our data and systems exposes a pressing question: How ...

Mastering SEO for Cybersecurity Entrepreneurs: A Strategic Guide to Dominating Search Rankings

Master fundamentals of SEO to elevate your online presence in 2025. From keyword research and on-page optimization to local SEO tactics, this guide covers essential strategies for entrepreneurs. Learn how to track key metrics, stay updated on the ...

Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors 

On January 30, 2025, the U.S. Food and Drug Administration (FDA) issued a safety communication regarding cybersecurity vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors. ...

Texas Governor Orders Ban on DeepSeek, RedNote for Government Devices

“Texas will not allow the Chinese Communist Party to infiltrate our state’s critical infrastructure through data-harvesting AI and social media apps,” Abbott said. ...

The Network Security Business System of Low-altitude Economy

Previous post on security risks of low-altitude Economy: https://nsfocusglobal.com/security-risks-of-low-altitude-economy How to construct a comprehensive network security business system in the field of low-altitude economy? The purpose of ...

5 Encrypted Attack Predictions for 2025

The cyberthreat landscape of 2024 was rife with increasingly sophisticated threats, and encryption played a pivotal role—a staggering 87.2% of threats were hidden in TLS/SSL traffic. The Zscaler cloud blocked 32.1 billion attempted encrypted ...

Integrating onboarding and security awareness training for employees

Onboarding new employees into an organization is an exciting time, but it also presents security challenges. Ensuring that new hires understand cybersecurity risks from day one ...