Application Security News and Articles
In a significant development for cybersecurity, a new vulnerability has been detected in OpenSSH, the widely-used suite for secure network communications. This flaw poses a serious risk, potentially allowing malicious actors to remote code ...
It’s been less than 18 months since the public introduction of ChatGPT, which gained 100 million users in less than two months. Given the hype, you would expect enterprise adoption of generative AI to be significant, but it’s been slower than ...
In this Help Net Security interview, Seth Hodgson, SVP of Engineering at Udemy, discusses effective study techniques for cybersecurity certification exams. Hodgson discusses the role of study groups, online forums, and professional networks in ...
A smartphone’s unique Bluetooth fingerprint could be used to track the device’s user–until now. A team of researchers has developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability. ...
This article provides an overview of the major data breaches we covered in 2024 so far, highlighting incidents involving Trello, AnyDesk, France Travail, Nissan, MITRE, Dropbox, BBC Pension Scheme, TeamViewer, Advance Auto Parts, and AT&T. ...
While previous Olympic games have faced cybersecurity threats, the Games of the XXXIII Olympiad, also known as Paris 2024, will see the largest number of threats, the most complex threat landscape, the largest ecosystem of threat actors, and the ...
In the rapidly evolving world of e-commerce, security remains a top priority. As part of our ongoing commitment to safeguarding our clients, we are bringing an important update to your attention regarding Adobe Commerce (Magento). This update ...
Authors/Presenters: Cyrill Krähenbühl, Marc Wyss, David Basin, Vincent Lenders, Adrian Perrig, Martin Strohmeier
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong ...
AttackIQ has released two new assessment templates in response to the CISA Advisory (AA24-193A) published on July 11, 2024, that disseminates Tactics, Techniques and Procedures (TTPs), mitigation and detection methods associated with SILENTSHIELD ...
Weekly Threat Intelligence Report
Date: July 15, 2024
Prepared by: David Brunsdon, Threat Intelligence - Security Engineer, HYAS
StealC seems like an appropriate name for stealer malware written in C. It’s been available for less than two years ...
Some scholars are inflating their reference counts by sneaking them into metadata:
Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication ...
via the comic & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Number Line Branch’ appeared first on Security Boulevard.
Found in Environments Protected By: Google, Outlook 365, Proofpoint
By Sabi Kiss, Cofense Phishing Defense Center
Phishing attacks are becoming increasingly sophisticated, and the latest attack strategy targeting employees highlights this ...
A brief overview of Mythic 3.3’s new features
Eventing Flows
Mythic 3.3 Updates
Mythic 3.3 has too many updates to mention them all here, so if you want a deeper dive into the change log, please check it out on GitHub. Instead, we’re going ...
I’m thrilled to share some exciting news with you that will not only take our ability to serve you to the next level but also bring significant benefits to you. As you may have heard, Nuspire has been acquired by PDI Technologies, a global ...
AI-powered scams are becoming increasingly sophisticated, making distinguishing between legitimate and fraudulent communications harder. Learn about the different types of AI scams, their risks, and how to protect yourself from falling ...
The absence of charset information seems to be a minor issue for a web application. This blog post explains why this is a false assumption and highlights the critical security implications.
The post Encoding Differentials: Why Charset Matters ...
Authors/Presenters: Ka Lok Wu, Man Hong Hue, Ngai Man Poon, Kin Man Leung, Wai Yin Po, Kin Ting Wong, Sze Ho Hui, Sze Yiu Chau
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the ...
AuditBoard launched out-of-the-box (OOTB) self-assessment tools that enable internal auditors to easily assess and streamline conformance with the new Institute of Internal Auditors (IIA) Global Internal Audit Standards (“Standards”) that ...
Yubico and Straxis launched a new Secure Web browsing application called MilSecure Mobile. This application can be adopted by any Defense Department (DOD) organization to enable secure access to protected DOD websites and services by service ...