Application Security News and Articles
Author/Presenter: Luke Weatherburn-Bird
Our thanks to Bsides Exeter, and the Presenters/Authors for publishing their timely Bsides Exeter Conference content. All brought to you via the organization's YouTube channel.
The post BSides ...
Data exfiltration has traditionally been the end goal among threat actors, whether it’s for financial gain, political gain or to simply wreak havoc.
The post Reading the Data Breach Tea Leaves: Preventing Data Exfiltration Before it Happens ...
Organizations can adopt FinOps, a cloud financial management practice promoting shared accountability among engineering, finance and operations teams to balance innovation, security and cost efficiency.
The post Savings and Security: The Dual ...
The FCC is launching a new agency council to push back on Chinese-backed cyberthreats like Salt Typhoon by pushing telecoms to harden their defense, reduce their reliance on trade with foreign adversaries, and ensure continued U.S. leadership is ...
Organizations need a seamless, application-focused security strategy that integrates network, identity and data protection into a unified approach.
The post Strengthening Security in the Cloud Era Requires Network Visibility and Understanding ...
The largest Java community conference, Devnexus 2025, tackled AI, security, and Java’s role in enterprise development. Read key takeaways for securing applications.
The post Devnexus: Bringing Java Into The Age Of AI appeared first on Security ...
The telecommunications sector is the backbone of many processes in life and business and must improve its cybersecurity posture.
The post Cybersecurity Challenges in the Telecom Sector: Protecting Data and Infrastructure appeared first on ...
Insight No. 1 — We are frogs, falling asleep in security-debt stew
Companies are drowning in high-risk software security debt, with critical vulnerabilities festering for an average of 252 days before they’re fixed — long enough to turn ...
Noteworthy stories that might have slipped under the radar: Switzerland requires disclosure of critical infrastructure attacks, ESP32 chips don’t contain a backdoor, MassJacker cryptojacking malware.
The post In Other News: Swiss Breach ...
The ClickFix technique has been employed by cybercrime and APT groups for information stealer and other malware deployment.
The post ClickFix Widely Adopted by Cybercriminals, APT Groups appeared first on SecurityWeek.
Russian-Israeli LockBit ransomware developer Rostislav Panev has been extradited from Israel to the United States.
The post LockBit Ransomware Developer Extradited to US appeared first on SecurityWeek.
Measure the different levels of risk inherent to all gen-AI foundational models and use that to fine-tune the operation of in-house AI deployments.
The post New AI Security Tool Helps Organizations Set Trust Zones for Gen-AI Models appeared first ...
APIs serve as essential links in today’s digital infrastructure, enabling data sharing and application integration. However, their widespread use has made them prime targets for attackers. Hence, strict compliance with security regulations is ...
Your guide on how to get through the conference with your sanity, energy, and key performance indicators (KPIs) intact.
The post RSA Conference Playbook: Smart Strategies from Seasoned Attendees appeared first on SecurityWeek.
Two Microsoft researchers have devised a new jailbreak method that bypasses the safety mechanisms of most AI systems.
The post New CCA Jailbreak Method Works Against Most AI Models appeared first on SecurityWeek.
The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls.
The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek.
Corero Network Security announced the strategic advancement of AI capabilities across its product portfolio and operations—building on a long-standing legacy of intelligent, adaptive security solutions. For years, Corero’s SmartWall ONE ...
Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk ...
Cloud pentesting involves manually or automatically exploiting vulnerabilities detected by a security expert or vulnerability scanner, simulating real-world hacker tactics to uncover weaknesses. By identifying these vulnerabilities, cloud ...
A recent report from Nozomi Networks Labs, based on an analysis of over 500,000 wireless networks worldwide, reveals that only 6% are adequately protected against wireless deauthentication attacks. Most wireless networks, including those in ...