Application Security News and Articles
As organizations recognize the immense value and criticality of your data and systems, cybersecurity has become intrinsically linked to business strategy. Chief Information Security Officers (CISOs) are increasingly expected to play a central ...
Author/Presenter: Nick Frichette
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...
The holiday season brings out the best in people, with many feeling inspired to support worthy causes. Unfortunately, it also attracts scammers who prey on this generosity. Here’s how to ensure your donations reach legitimate charities while ...
Privilege escalation is a critical cybersecurity threat in which a user—usually a malicious actor—gains access to data beyond what their account permissions allow. Attackers can gain this access through human error, stolen credentials, or ...
As software development accelerates, the need to identify threats and respond in real time is greater than ever. Detection as Code (DaC) allows you to write, maintain, and automate your threat detection logic as if it were software code, making ...
Kubernetes, also known as K8s, is a powerful platform for orchestrating containers in complex, distributed environments. Among its many features, Kubernetes has Secrets, which safeguard sensitive information like API keys, passwords, and tokens ...
via the comic humor & dry wit of Randall Munroe, creator of XKCD
Permalink
The post Randall Munroe’s XKCD ‘Linear Sort’ appeared first on Security Boulevard.
An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure.
The post CVE-2024-50379: A Critical Race Condition in Apache Tomcat appeared first on Security Boulevard.
Recent research has uncovered a concerning vulnerability in modern Trusted Execution Environments (TEEs) that challenges fundamental assumptions about memory security. The BadRAM attack, detailed in a paper by De Meulemeester et al., demonstrates ...
Here at ColorTokens, we’ve recently been engaged with a leading cancer center to improve its cybersecurity posture. After phase one of the deployment, they shared with us that the benefit they derived is gaining the peace of mind that their ...
It is the holiday season. Think twinkling lights, the scent of pine, and cyber threats lurking in the shadows, waiting to pounce quicker than Bruce Willis can say, “Yippee ki yay.”In the festive spirit of “Die Hard,” let’s see how we ...
As 2024 comes to a close, IT security and business leaders will be braced for another challenging year ahead. In the long-term, economic uncertainty and geopolitical instability seem set to continue, creating the conditions in which threat actors ...
Have you found yourself scrolling through Shein’s endless feed of trendy clothes and asking yourself, “Is it safe to buy from here?” You’re not alone.
The post Is Shein safe? Cybersecurity tips for fashion lovers appeared first on ...
The cybersecurity landscape is accelerating in complexity and scale. While cybersecurity spending has grown at a Compound Annual Growth Rate (CAGR) of approximately 10% over the past decade, the CAGR for breaches has surged to an alarming 34%, ...
$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed. Of that sum, $1.34 billion was stolen by North Korea-affiliated hackers, across 47 hacking incidents (out of ...
As 2025 approaches, emerging regulations and laws will affect how CISOs strategize and protect their organizations. With the increasing complexity of global compliance frameworks, understanding these changes is crucial for maintaining security ...
Last week’s Gartner IAM Summit in Grapevine, Texas, was a whirlwind of insights, particularly around machine identity management (MIM). The event underscored the transformative trends and challenges shaping the domain, providing both thought ...
Netflix has been hit with a €4.75 million fine by the Dutch Data Protection Authority (DPA). The fine stems from the company’s failure to clearly explain its data practices to users between 2018 and 2020—highlighting a key issue that has ...
Ah, it’s that time of year again. As the clock ticks closer to 2025, companies everywhere are dusting off their crystal balls to forecast what the new year might bring. Yes, we know — another set of predictions in a sea of predictions. But ...
NETSCOUT updates its Arbor Edge Defense (AED) and Arbor Enterprise Manager (AEM) products as part of its Adaptive DDoS Protection Solution to combat AI-enabled DDoS threats and protect critical IT infrastructure. DDoS threats and protect critical ...
