Application Security News and Articles
Peter Shor revolutionized public-key infrastructure (PKI) using concepts that trace back to 4,000-year-old Babylonian mathematics and culminated in futuristic quantum computing. Here, we explore the math with a simple, illustrative tool to break ...
A hack of health care services provider ConnectOnCall exposed the sensitive data of more than 914,000 users, the latest proof point of the growing interest threat actors have in targeting hospitals and other health care organizations.
National Public Data, a background check company that collects sensitive personal information, is facing a class-action legal complaint for allowing the data from 2.9 billion people to be stolen in a breach and later sold on the dark web for ...
Chinese crooks are running a global network of more than 75,000 fake online shops to steal credit card data and process fraudulent payments.
The post Best of 2024: Massive Online Shopping Scam Racks Up 850,000 Victims appeared first on Security ...
As we near the end of 2024, one fact is clear: It’s been another bang-up year with an unprecedented number of security incidents. All the usual suspects and some new ones have thrown things around. Resiliency is the name of the game it seems. ...
Security baselines are the foundational guidelines that help organizations maintain a minimum protection standard. They provide a starting point—a basic level of security that must be in place to protect against the most common threats. ...
A six-count indictment was unsealed on Friday in Los Angeles charging two California men with defrauding investors of more than $22 million in cryptocurrency through a series of digital asset project “rug pulls,” a type of fraud ...
What is JA4+ and Why Does It Matter? Introduction Threat analysts and researchers are continually seeking tools and methodologies to gain...
The post A Primer on JA4+: Empowering Threat Analysts with Better Traffic Analysis appeared first on ...
The Changing Landscape of CISO Reporting
The Chief Information Security Officer (CISO) role has evolved dramatically in recent years. Traditionally reporting to the Chief Information Officer (CIO), CISOs now often report directly to the CEO, ...
The modern world relies on Application Programming Interfaces (APIs). They allow applications to communicate with each other, servers, and consumers to facilitate data sharing and simplify application development. Without them, the internet would ...
Cryptography is fundamental to modern cybersecurity, forming the foundation for secure communication and data protection in a world increasingly reliant on digital technologies. Its importance cannot be overstated, as it safeguards sensitive ...
In 2024, we certainly witnessed some interesting trends and disruptions in machine and non-human management, certificate lifecycle management (CLM), and PKI. In research from the Enterprise Strategy Group, non-human (machine) identities are ...
Discover the key differences between the EU's NIS2 and DORA frameworks and what they mean for your business.
The post NIS2 vs. DORA: Key Differences and Implications for Cybersecurity and Operational Resilience appeared first on Scytale.
Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser ...
In this Help Net Security interview, Jason Passwaters, CEO of Intel 471, discusses how integrating cybercrime intelligence into an organization’s security strategy enables proactive threat management and how measuring intelligence efforts can ...
As these threat actors become increasingly strategic and harder to detect, organizations must take all measures to protect their data, including cybersecurity training. In this Help Net Security video, Rodman Ramezanian, Global Cloud Threat Lead ...
With outdated and inadequately maintained components, along with insecure dependencies, the open-source ecosystem presents numerous risks that could expose organizations to threats. In this article, you will find excerpts from 2024 open-source ...
Why Advanced Threat Detection Matters? Ever wondered why organizations across various sectors (financial services, healthcare, travel, and DevOps) are placing great emphasis on advanced threat detection? Well, the reason lies in our increasingly ...
Have You Ever Wondered about the Management of Cloud-Based Secret Sprawl? With the rapid digital transformation and the upsurge in cloud computing, enterprises are continually looking for innovative strategies to manage the ever-increasing ...
Is Your Organization Taking a Rigorous Approach to Secrets Rotation? In today’s advanced technological landscape, ensuring compliance and maintaining a capable security posture is no longer optional. Particularly, the management of Non-Human ...