Application Security News and Articles
Author/Presenter: Julia Dewitz-Würzelberger
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; ...
A large-scale phishing campaign targeting mobile device users is using PDF files and hidden malicious links, and posing as the U.S. Postal Service, in the hope that victims will divulge credentials and personal ...
As the February 2nd deadline approaches, CISOs and CCOs face the pressing task of aligning their organizations with the EU AI Act’s stringent requirements. Chapter 1, Article 4 mandates AI literacy for all staff involved in AI operations, while ...
AI agents like OpenAI Operator complicate fraud detection, demanding fraud prevention solutions that leverage behavioral analysis and client-side signals to properly assess user intent.
The post Why The Rise of AI Agents Demands a New Approach to ...
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘T. Rex Evolution’ appeared first on Security Boulevard.
Cary, NC, Jan. 26, 2025, CyberNewswire — INE Security, a leading global provider of cybersecurity training and certifications, today announced a new initiative designed to accelerate compliance with the Department of Defense’s (DoD) newly ...
UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.
The post TalkTalk Confirms Data Breach, Downplays Impact appeared first on SecurityWeek.
by Source Defense
Ensuring compliance with PCI DSS 4.0, specifically requirements 6.4.3 and 11.6.1, is not just about meeting regulations—it’s about securing your customers’ trust and protecting your brand from emerging threats like ...
Vulnerabilities in LTE/5G core infrastructure, some remotely exploitable, could lead to persistent denial-of-service to entire cities.
The post LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity appeared first on SecurityWeek.
Author/Presenter: Lacey Harbour
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...
Cybersecurity regulations are facing a tipping point. There are too many and they are too complex to manage – and it’s getting worse.
The post Cyber Insights 2025: Cybersecurity Regulatory Mayhem appeared first on SecurityWeek.
Opengrep is a new consortium-backed fork of Semgrep, intended to be, and remain, a genuine OSS SAST tool.
The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek.
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop ...
This is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 - 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes.
Note: You may see some traditional "security" content mixed in here due ...
The AI world is no stranger to groundbreaking innovations, but DeepSeek, a Chinese AI research lab founded in 2023 by Liang Wenfeng, is making waves...
The post What is DeepSeek & Why Is It Disrupting the AI Landscape? appeared first ...
Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.
The post Building Automation Protocols Increasingly Targeted in OT Attacks: Report appeared first ...
As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS) which is exclusively targeting mobile devices.
The ...
Exabeam has extended the reach of its generative artificial intelligence (GenAI) capabilities to its LogRhythm security information and event management platform, which is designed to be deployed by internal IT teams.
The post Exabeam Extends ...
Silobreaker launched Tickets, a workflow management feature designed to elevate the efficiency, collaboration and impact of intelligence teams. Tickets is built with native support for Threat Intelligence teams, offering robust capabilities to ...
Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.
The post Git Vulnerabilities Led to Credentials Exposure appeared first on SecurityWeek.