Application Security News and Articles


Cybersecurity in IT Infrastructure: Protecting Digital Assets

As companies dive deeper into the digital age, beefing up cybersecurity is key — it's not just an IT thing; it's a must-have for everyone on board. The post Cybersecurity in IT Infrastructure: Protecting Digital Assets appeared first on ...

Crypto-stealing iOS, Android malware found on App Store, Google Play

A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. ...

CISA Issues Exploitation Warning for .NET Vulnerability

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.

Dynatrace strengthens cloud security posture management

Dynatrace announced the expansion of its security portfolio with a new Cloud Security Posture Management (CSPM) solution. For enterprises managing complex hybrid and multi-cloud environments, Dynatrace CSPM can significantly enhance security, ...

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.

Tenable Acquires Vulcan Cyber, Building on AI-Powered Risk Prioritization

Cybersecurity risk management company Tenable announced plans to acquire Vulcan Cyber for approximately $147 million in cash and $3 million in restricted stock units. The post Tenable Acquires Vulcan Cyber, Building on AI-Powered Risk ...

Veriti Cloud automates remediation across both on-premises and cloud environments

Veriti launched Veriti Cloud, an expansion of its Exposure Assessment and Remediation platform that brings proactive cloud native remediation to the forefront. With Veriti Cloud, organizations gain advanced capabilities to automate remediation ...

Atrinet URL Scanner helps combat SMS phishing

Atrinet launched Atrinet URL Scanner, a solution designed to combat real-time SMS fraud. The solution combines Google Web Risk’s technology scanning capabilities with Atrinet’s telecom security expertise, enabling Communication ...

OpenNHP: Cryptography-driven zero trust protocol

OpenNHP is the open-source implementation of NHP (Network-resource Hiding Protocol), a cryptography-based zero trust protocol for safeguarding servers and data. OpenNHP offers the following benefits: Reduces attack surface by hiding ...

The API security crisis and why businesses are at risk

In this Help Net Security video, Ivan Novikov, CEO of Wallarm, discusses the 2025 API ThreatStats Report, highlighting how APIs have become the primary attack surface over the past year, mainly driven by the rise of AI-related risks. Researchers ...

More destructive cyberattacks target financial institutions

Financial institutions will continue to be the ultimate targets for criminals and threat actors, as a successful attack offers a significant payoff, according to Contrast Security. Contrast Security has surveyed 35 of the world’s leading ...

How Imperva Infused AI Throughout Research and Development

The Age of AI Is Upon Us. The current pace of technological change beggars belief. Generative Artificial Intelligence (GenAI), released to the world a mere two years ago, promises to eliminate much of the tedium of the digital world. Software ...

Sophos Completes Acquisition of Secureworks

Sophos has completed its $859 million all-cash acquisition of SecureWorks. The post Sophos Completes Acquisition of Secureworks appeared first on SecurityWeek.

Secure by Design and Secure by Default: Why you need both for AppSec

The relationship between the two software security initiatives promoted by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) can be misunderstood. Sometimes Secure by Design and Secure by Default are even pitted against each other. ...

DEF CON 32 – Hacker Vs. AI Perspectives From An Ex-Spy

Author/Presenter: Harriet Farlow Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...

Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip

Explore how the Cyberhaven attack exposes the dangers of 'consent phishing', a tactic that bypasses even robust security measures like MFA. The post Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip appeared first on Security Boulevard.

Randall Munroe’s XKCD ‘Stromatolites’

via the comic humor & dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Stromatolites’ appeared first on Security Boulevard.

Survey Sees Organizations Being Overwhelmed by Remediation Challenges

A survey of 150 security decision makers in the U.S., published today, finds that close to two thirds of cybersecurity incidents (62%) involved issues that were previously known to be a potential threat. Conducted by ZEST Security, the survey ...

Anomalies are not Enough

MITRE ATT&CK as Context. Introduction: A common theme of science fiction authors, and these days policymakers and think tanks, is how will the humans work with the machines, as the machines begin to surpass us across many dimensions. In ...

Exploitation of Over 700 Vulnerabilities Came to Light in 2024

The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports. The post Exploitation of Over 700 Vulnerabilities Came to Light in 2024 appeared first on SecurityWeek.