Application Security News and Articles


A look at the future of supply chain and national security: Updates from CISA and NIST

Explore CISA & NIST's recent cybersecurity publications. Get key insights into securing vital infrastructure in an ever-evolving threat landscape and how GitGuardian can help. The post A look at the future of supply chain and national ...

Why more security doesn’t mean more effective compliance

Financial institutions have always been a valuable target for cyberattacks. That’s partly why banking and financial institutions are heavily regulated and have more compliance requirements than those in most other industries. A slew of new ...

Why Your DIY Security Data Lake Might Just Sink?

Drowning in Data, Yet Thirsty for Insight: A CISO’s Conundrum Sarah, the battle-hardened CISO, oversees a formidable array of cybersecurity tools. Her organization has invested in next-gen IDS/IPS, state-of-the-art firewalls, and MFA protocols. ...

New infosec products of the week: September 22, 2023

Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Dig Security, Laiyer.ai, Viavi Solutions, and Wing Security. 1Password introduces mobile support for passkeys 1Password customers can now ...

Ransomware cyber insurance claims up by 27%

Overall cyber insurance claims frequency increased by 12% in the first half of 2023, according to Coalition. Increase in ransomware claims frequency Coalition found that both claims frequency and severity rose for businesses in early 2023 across ...

Code alterations more prevalent in Android apps than iOS

57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) apps facing the highest risk, according to Digital.ai. The study found no correlation between an app’s popularity and likelihood of being attacked but found Android ...

IT pros told to accept burnout as normal part of their job

The vast majority of IT security professionals admit stress has led them and peers to make errors that have caused data breaches, according to Devo Technology. Recent estimates put the shortage of cybersecurity professionals at 3.5 million. The ...

SMEs overestimate their cybersecurity preparedness

57% of SMEs have fallen victim to at least one cybersecurity breach, among whom 31% reported that their business experienced a breach within the past 12 months alone, according to Guardz. The increasing number of evolving cyber threats poses a ...

Unlocking the Future of Cybersecurity: Meet Us at GovWare 2023

Today’s ever-evolving digital landscape presents unparalleled opportunities alongside formidable cybersecurity challenges, making the security of organizations’ networks and applications more crucial. As a global network and cyber security ...

What Is Identity Assurance and Why Is It Needed

In today's perpetually changing digital landscape, the importance of identity within the enterprise has taken center stage.  As both workforce and consumer demands grow, there's a critical need for robust solutions that can manage the entire ...

MGM Breach Takeaway: On-Prem Has Become Attackers’ Gateway to the Cloud

Last week, the BlackCat ransomware group (also known as ALPHV) attacked the operations of MGM Resorts and forced them to shut down their IT systems. What sets this attack apart from more traditional ransomware attacks is that at a certain point ...

Email Intelligence Dashboard

In January of 2023, Arkose Labs launched Arkose Email Intelligence to protect our customers from bots and humans manipulating email addresses for fake sign-ups. This solution combines bot mitigation with email risk detection to deliver outsize ...

Detection Engineering and SOC Scalability Challenges (Part 2)

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. This post is our second installment in the “Threats into Detections — The DNA of Detection ...

Helpdesk Telephone Attack: How to Close Process and Technology Gaps

Introduction As we have witnessed in recent weeks with the MGM and Caesars Entertainment breaches, helpdesks are prime attack surfaces that are seeing a surge in exploitation. Although much of the press surrounding these most recent events ...

New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware

New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign. The post New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware appeared first on SecurityWeek.

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Watch Live: Cyber Week 2023 — Main Plenary, Day 1

Many thanks to Israel’s Tel Aviv University for publishing their presenter’s tremendous Cyber Week 2023 security content on the Tel Aviv University’s TAUVOD YouTube channel. Permalink The post Cyber Week 2023 & The Israel National ...

Cyber Week 2023 & The Israel National Cyber Directorate Presents – FraudCON (Virtual)

Many thanks to Israel’s Tel Aviv University for publishing their presenter’s tremendous Cyber Week 2023 security content on the Tel Aviv University’s TAUVOD YouTube channel. Permalink The post Cyber Week 2023 & The Israel National ...

Building a Kubernetes Platform: How to Handle Cost Management & Reporting

Platforms, sometimes called internal developer platforms, are a unified infrastructure that allows all the development teams you have in your company, whether it be two or 20 or 100, to deliver applications rapidly and consistently. Some may ...

OWASP Top 10 IoT Vulnerabilities: How to Avoid Them!

Introduction In today’s interconnected world, understanding the OWASP Top 10 IoT vulnerabilities is crucial, especially for small businesses striving to maintain a secure environment. The Internet of Things (IoT) is revolutionizing how small ...