Application Security News and Articles
Executive Summary
On December 4, a malicious version 8.3.41 of the popular AI library ultralytics — which has almost 60 million downloads — was published to the Python Package Index (PyPI) package repository. The package contained downloader ...
Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. ...
Discover the essentials of FIDO2 authentication implementation in this developer-focused guide. We'll walk you through the process step-by-step, covering key concepts, best practices, and code examples to help you integrate secure, passwordless ...
Don’t miss the Linux Foundation’s deep dive into open source software security. Plus, cyber agencies warn about China-backed cyber espionage campaign targeting telecom data. Meanwhile, a study shows the weight of security considerations in ...
Insight #1: The NIST CVE backlog is hogtying CISOs
The NIST CVE backlog is a digital plague crippling a critical control layer in an organization's cybersecurity architecture. CISOs and security leaders are left scrambling, their defenses ...
Secure your internal applications with Escape’s Private Locations. Scan behind firewalls or VPNs using Repeater—no exposure, no compromises.
The post Introducing Private Locations: Securely Scan Your Internal Applications appeared first on ...
Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center (GSOC) during NATO Edge 2024, the NATO Communications and Information Agency’s flagship conference. This year’s event, held ...
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and ...
Echoworx announced the addition of 2-Step Verification (2SV) when using OAuth and Passkeys for authentication for encrypted messages. This latest enhancement offers organizations an additional layer of security, addressing the growing demand for ...
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when ...
Red teaming is like staging a realistic rehearsal for a potential cyber attack to check an organization’s security resilience before they become actual problems. The exercise has three key phases: getting inside the system, maintaining their ...
It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new Server 2025 release, and all the patches we’ve needed to deal with on ...
The holiday season is a time of joy and relaxation, but it often brings an influx of corporate emails ranging from leave approvals to scheduling paid time off. The Cofense Phishing Defense Center (PDC) has recently intercepted a malicious ...
The holiday season is a time of joy and relaxation, but it often brings an influx of corporate emails ranging from leave approvals to scheduling paid time off. The Cofense Phishing Defense Center (PDC) has recently intercepted a malicious ...
Global data breaches show no signs of slowing down as this year has already exceeded 2023 in the number of data breaches and consumers impacted, according to Experian. Younger cybercriminals on the rise Today, the world of cyber hacking is not ...
PowerDMARC is recognized as a G2 Leader in DMARC Software for the fourth time in 2024, reflecting our commitment to innovation and customer satisfaction in email security.
The post PowerDMARC Named G2 Leader in DMARC Software for the 4th Time in ...
In this Help Net Security interview, Gareth Lindahl-Wise, CISO at Ontinue, discusses how business leaders can align innovation with cybersecurity, tackle the risks posed by legacy systems, and build defenses for startups. Lindahl-Wise also ...
GenAI is a powerful tool that can be used by security teams to protect organizations, however, it can also be used by malicious actors, making phishing-related attacks a growing and concerning threat vector, according to Ivanti. Ivanti’s ...
Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec Cloud simplifies web application security management With FortiAppSec ...
The video above demonstrates an automated penetration test in a simple container escape scenario. In this video, in addition to using NSFOCUS’s open-source cloud-native cyber range software Metarget (for quickly and automatically building ...
