Application Security News and Articles
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Linear Sort’ appeared first on Security Boulevard.
An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure.
The post CVE-2024-50379: A Critical Race Condition in Apache Tomcat appeared first on Security Boulevard.
Recent research has uncovered a concerning vulnerability in modern Trusted Execution Environments (TEEs) that challenges fundamental assumptions about memory security. The BadRAM attack, detailed in a paper by De Meulemeester et al., demonstrates ...
Here at ColorTokens, we’ve recently been engaged with a leading cancer center to improve its cybersecurity posture. After phase one of the deployment, they shared with us that the benefit they derived is gaining the peace of mind that their ...
It is the holiday season. Think twinkling lights, the scent of pine, and cyber threats lurking in the shadows, waiting to pounce quicker than Bruce Willis can say, “Yippee ki yay.” In the festive spirit of “Die Hard,” let’s see how we ...
As 2024 comes to a close, IT security and business leaders will be braced for another challenging year ahead. In the long-term, economic uncertainty and geopolitical instability seem set to continue, creating the conditions in which threat actors ...
Have you found yourself scrolling through Shein’s endless feed of trendy clothes and asking yourself, “Is it safe to buy from here?” You’re not alone.
The post Is Shein safe? Cybersecurity tips for fashion lovers appeared first on ...
The cybersecurity landscape is accelerating in complexity and scale. While cybersecurity spending has grown at a Compound Annual Growth Rate (CAGR) of approximately 10% over the past decade, the CAGR for breaches has surged to an alarming 34%, ...
$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed. Of that sum, $1.34 billion was stolen by North Korea-affiliated hackers, across 47 hacking incidents (out of ...
As 2025 approaches, emerging regulations and laws will affect how CISOs strategize and protect their organizations. With the increasing complexity of global compliance frameworks, understanding these changes is crucial for maintaining security ...
Last week’s Gartner IAM Summit in Grapevine, Texas, was a whirlwind of insights, particularly around machine identity management (MIM). The event underscored the transformative trends and challenges shaping the domain, providing both thought ...
Netflix has been hit with a €4.75 million fine by the Dutch Data Protection Authority (DPA). The fine stems from the company’s failure to clearly explain its data practices to users between 2018 and 2020—highlighting a key issue that has ...
Ah, it’s that time of year again. As the clock ticks closer to 2025, companies everywhere are dusting off their crystal balls to forecast what the new year might bring. Yes, we know — another set of predictions in a sea of predictions. But ...
NETSCOUT updates its Arbor Edge Defense (AED) and Arbor Enterprise Manager (AEM) products as part of its Adaptive DDoS Protection Solution to combat AI-enabled DDoS threats and protect critical IT infrastructure. ...
Operation Cronos, a Europol-led coalition of law enforcement agencies from 10 countries, announced in February that it had disrupted LockBit — one of the most prolific ransomware gangs in the world — at “every level” of its operations. ...
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments. About the CISA BOD 25-01 directive The ...
CISA is requiring all federal agencies to adopt stronger measures to improve their SaaS configurations and protect their complex cloud environments against growing threats from hackers, who are increasingly targeting third parties like cloud ...
The global Secure Access Service Edge (SASE) market reached $2.4 billion in the third quarter of 2024, with six leading vendors — Zscaler, Cisco, Palo Alto Networks, Broadcom, Fortinet and Netskope — capturing a combined 72% market ...
Season 3, Episode 16: Being technical gets you a job in cyber, but investing in soft skills opens doors to make it a career.
The post The key to growing a cybersecurity career are soft skills appeared first on Security Boulevard.
Legit Security announced enhancements to its secrets scanning product. Available as either a stand-alone product or as part of a broader ASPM platform, Legit released a new secrets dashboard for an integrated view of all findings and recovery ...