Application Security News and Articles
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) SonicWall has patched a critical vulnerability (CVE-2024-40766) in its ...
Permalink
The post Happy United States Labor Day Weekend 2024 / Feliz Fin de Semana del Día del Trabajo de Estados Unidos 2024 / Joyeux Fin de Semaine de la Fête du Travail aux États-Unis 2024 appeared first on Security Boulevard.
Why GRC strategies are often not as effective as they could be, and specific practices businesses can adopt to improve GRC operations.
The post 4 Tips for Optimizing Your GRC Strategy appeared first on Security Boulevard.
The widespread adoption of IoT devices has created new cybersecurity challenges, including those related to external attack surface management.
The post Modern Strategies for IoT Device Fingerprinting appeared first on Security Boulevard.
An estimated 2.7 billion personal records were stolen from National Public Data (NPD), a Florida-based data broker company that collects and sells personal data for background checks.
The post Missing Guardrails, a Troubling Trend in Data ...
Last week, Axions Daniel Brown, Mike Woodward and I attended SiRAcon at the Boston Federal Reserve building. We left feeling inspired and eager to apply some of what we learned
Read More
The post Key Takeaways from SiRAcon ’24: An Axio ...
Gartner's 2024 Hype Cycle for Application Security: ASPM moves from peak to trough.
The post ASPM and Modern Application Security appeared first on Security Boulevard.
Authors/Presenters:Andrew Kwong, Walter Wang, Jason Kim, Jonathan Berger, Daniel Genkin, Eyal Ronen, Hovav Shacham, Riad Wahby, Yuval Yarom
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, ...
RansomHub is a ransomware-as-a-service variant—formerly known as Cyclops and Knight—that has established itself as an efficient and successful service model.
The post US CERT Alert AA24-242A (RansomHub Ransomware) appeared first on ...
via the comic & dry wit of Randall Munroe, creator of XKCD
Permalink
The post Randall Munroe’s XKCD ‘Stranded’ appeared first on Security Boulevard.
The Early Days: Basic Asset Management While it was not called ASM, the concept of managing attack surface management began with basic asset management practices in the late 1990s and early 2000s. Organizations focused on keeping an inventory of ...
Authors/Presenters:Peter Snyder, Soroush Karami, Arthur Edelstein, Benjamin Livshits, Hamed Haddadi
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to ...
AttackIQ has released a new attack graph that emulates the behaviors exhibited by Mallox ransomware since the beginning of its activities in June 2021. Mallox primarily gains access to victim networks through dictionary brute-force attacks ...
Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization while leveraging AI.
The post GitHub Copilot Security and Privacy Concerns: Understanding the ...
Ticket bots challenge fair access to events, impacting the ticketing industry. This article explores their operation, effects, and strategies to combat them.
The post How to Restore Fairness In Online Ticketing by Fighting Ticket Bots appeared ...
Insight #1: North Korean IT spies
The threat of state-sponsored cyber espionage is real and evolving. Recent reports reveal North Korean IT professionals are using stolen identities and advanced tactics to infiltrate private companies. These ...
In our groundbreaking 2023 Annual Review, Horizon3.ai delves into the transformative approach of autonomous pentesting with NodeZero. This pivotal document is your gateway to mastering proactive cybersecurity defense mechanisms.
The post ...
A report by Radware finds that DDoS attacks are increasing not only in number and volume, some lasting as long as 100 hours over six days.
The post Radware Report Surfaces Increasing Waves of DDoS Attacks appeared first on Security Boulevard.
RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare ...
A newly released report, Forrester’s The State of Cyber, 2024 finds about 83% of organizations currently maintain cybersecurity insurance, and such policyholders tend to possess improved ability to detect and respond to attacks.
The post ...
