Application Security News and Articles
Despite having been discovered and reported in 2014, the vulnerability that allows pixie dust attacks still impacts consumer and SOHO networking equipment around the world, Netrise researchers have confirmed. WPS and the pixie dust attack Wi-Fi ...
Creators, Authors and Presenters: Helvetigoth interviews Andra Lezza
Our sincere appreciation to DEF CON, and the Creators/Presenters/Authors for publishing their timely DEF CON 33 outstanding content. Originating from the conference's events ...
In the emergency room at 2 AM, a cardiac patient arrives in distress. The attending physician rushes to the nearest workstation—one that three other doctors have used in the past hour—and needs immediate access to prescribe life-saving ...
SecurityWeek's Attack Surface Management Virtual Summit is now LIVE and runs today from 11AM – 4PM ET.
The post Virtual Event Today: Attack Surface Management Summit appeared first on SecurityWeek.
Passkeys Are Progress, But They’re Not Protection Against Everything The cybersecurity community is embracing passkeys as a long-overdue replacement for passwords. These cryptographic credentials, bound to a user’s device, eliminate phishing ...
Irregular is testing the cybersecurity capabilities of AI models, including Anthropic’s Claude and OpenAI’s ChatGPT.
The post Irregular Raises $80 Million for AI Security Testing Lab appeared first on SecurityWeek.
Learn how organizational factors influence Attack Surface Management (ASM) tooling through key insights from security engineers.
The post Why context is king in Attack Surface Management (ASM): Key insights from my conversations with security ...
Nagomi Security announced the next step in its platform evolution with Nagomi Control, a new release that enhances Continuous Threat Exposure Management (CTEM) by enabling security teams to shift from identifying exposures to fixing them. While ...
Smarter navigation, faster insights, and better visibility from Legit
The post A Fresh Look & an AI AppSec Teammate appeared first on Security Boulevard.
RegScale has raised a total of more than $50 million, with the latest investment being used to enhance its platform and expand.
The post RegScale Raises $30 Million for GRC Platform appeared first on SecurityWeek.
Articles related to cyber risk quantification, cyber risk management, and cyber resilience.
The post Build Cyber Resilience With a Control Assessment | Kovrr appeared first on Security Boulevard.
The campaign targeted US government, think tank, and academic entities involved in US-China relations, international trade, and economic policy.
The post Details Emerge on Chinese Hacking Operation Impersonating US Lawmaker appeared first on ...
Why Identity Breach Monitoring Needs an Upgrade If you’ve ever received a “dark web alert,” you probably know the uneasy feeling. An email pops into your inbox with a subject line like: “Your personal information has been found on the ...
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 ...
Conor Fitzpatrick, who pleaded guilty in July 2023, was sentenced last year to time served and supervised release.
The post BreachForums Owner Sent to Prison in Resentencing appeared first on SecurityWeek.
The startup provides an authentication stack that secures both incoming authentication and outgoing agent actions.
The post Scalekit Raises $5.5 Million to Secure AI Agent Authentication appeared first on SecurityWeek.
BeyondTrust released new AI security controls in Identity Security Insights. These capabilities provide visibility into AI agents, secure orchestration of their actions, and an on-board intelligence layer to help teams make faster, smarter ...
Siren announced the launch of K9, an AI companion designed to transform the way investigators uncover threats and connections. K9 is fast, dependable and mission-focused, built to guard, protect, and serve those on the front lines of keeping ...
NetRise has identified 20 device models from six vendors that are still vulnerable to Pixie Dust attacks.
The post Decade-Old Pixie Dust Wi-Fi Hack Still Impacts Many Devices appeared first on SecurityWeek.
The packages were injected with malicious code to harvest secrets, dump them to a public repository, and make private repositories public.
The post Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit appeared first ...
