Application Security News and Articles


Hyperproof and BDO Forge Strategic Relationship to Enhance Enterprise Risk and Compliance Management

Monitoring, testing, auditing, and complying with increasingly complex frameworks and regulations is getting more difficult as compliance requirements grow for organizations of all sizes. To address these issues, Hyperproof is excited to unveil a ...

‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans

MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability. The post ‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans appeared first on Security Boulevard.

DodgeBox: A deep dive into the updated arsenal of APT41 | Part 1

Introduction: This is Part 1 of our two-part technical deep dive into APT41’s new tooling, which includes DodgeBox and MoonWalk. In April 2024, Zscaler ThreatLabz uncovered a previously unknown loader called DodgeBox. Upon further analysis, ...

Unity Across Continents: Building Culture in a Remote Startup

In today’s dynamic world, where the boundaries of geography and time zones blur, fostering a cohesive company culture and unity becomes paramount. At Praetorian, we take immense pride in being a remote-first startup that spans across 11 ...

How AI-powered software spreads Russian disinformation on X

The US Justice Department (DoJ) has seized two US-based domains used by Russian threat actors to create fake profiles on X (formerly Twitter) that would spread disinformation in the United States and abroad. This bot farm was created and operated ...

Security Compass helps organizations integrate GenAI into their applications

Security Compass announced its SD Elements 2024.2 product release. This release expands on the platform’s AI/ML security content designed to help organizations seamlessly integrate GenAI into their applications while ensuring they are secure ...

USENIX Security ’23 – NAUTILUS: Automated RESTful API Vulnerability Detection

Authors/Presenters: Gelei Deng, Zhiyi Zhang, Yuekang Li, Yi Liu, Tianwei Zhang, Yang Liu, Guo Yu, Dongjin Wang. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong ...

Quantum Xchange CipherInsights enhancements identify weaknesses in enterprise cryptography

Quantum Xchange announced the latest release of CipherInsights, the company’s network monitoring, crypto-discovery and risk assessment tool. Version 11.0 includes several new features to pinpoint any weaknesses in enterprise cryptography and ...

IT-Harvest incorporates security scores from Black Kite into its dashboard

IT-Harvest announced the integration of Black Kite’s cyber third-party risk intelligence into the IT-Harvest Dashboard. This collaboration provides users with a detailed view into cyber third-party risk for more than 3,900 cybersecurity ...

New Malware Campaign Targeting Spanish Language Victims

Cofense recently identified and named a new malware called Poco RAT, which is a simple Remote Access Trojan that targets Spanish language victims. It was first observed in early 2024, primarily focusing on companies in the Mining sector and ...

Pentera updates RansomwareReady to secure Linux environments

Pentera announced a major update to its RansomwareReady product, enabling customers to proactively test the security of their Linux environments. With this addition, Pentera empowers organizations to adopt proactive measures against the ...

Aldo Pietropaolo Joins Strata Identity as Field CTO

Multi-cloud Identity Orchestration leader appoints 20-year industry veteran and co-founder of Good Dog Labs to lead solution architecture. BOULDER, Colo., July 9, 2024 – Strata Identity, the Identity Orchestration company, today announced that ...

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed. “Check ...

Avoiding Social Engineering Attacks to Prevent Financial Fraud

Social engineering attacks are a cybersecurity threat. These attacks, which involve manipulating individuals into divulging confidential information, have been on the rise and pose a substantial risk to businesses, particularly for financial ...

Product updates: Automated schema generation

We are excited to introduce our latest feature: automated schema generation for all your discovered APIs.

Ensuring Cybersecurity: Horizon3.ai’s Rapid Response Service in Action

How Horizon3.ai’s Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability. A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and ...

RockYou2024

RockYou2024 password list boasts over 9.9 billion raw lines. This dictionary demonstrates the continued relevance of stolen user credentials.

3 Ways to Achieve Zero-Trust With Your PAM Strategy

Three crucial ways to achieve zero-trust through your PAM strategy, ensuring that every privileged user session within your IT environment is safe by design.

Securing Kubernetes: The Risks Of Unmanaged Machine Identities

Microservices and containers are changing the way businesses build, deploy, and manage their applications. Within a short span, these technologies have become the de facto standard for software development and distribution. Kubernetes, the ...

Google removes enrollment barrier for prospective Advanced Protection Program users

Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the option to ...