Application Security News and Articles
Following up on last year’s LOLDriver plugin, Tenable Research is releasing detection plugins for the top Remote Monitoring and Management (RMM) tools that attackers have been more frequently leveraging in victim environments.
Background
In ...
Authors/Presenters: Krity Kharbanda, Harini Ramprasad
Our sincere appreciation to BSidesLV and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany ...
Articles related to cyber risk quantification, cyber risk management, and cyber resilience.
The post Understanding the Total Cost of Ownership of CRQ | Kovrr appeared first on Security Boulevard.
Andy Frain was targeted by the Black Basta ransomware group in 2024 and the hackers have stolen a wide range of information.
The post Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack appeared first on SecurityWeek.
In early May 2025, Cisco released software fixes to address a flaw in its IOS XE Software for Wireless LAN Controllers (WLCs). The vulnerability, tracked as CVE-2025-20188, has a CVSS score of 10.0 and could enable an unauthenticated, remote ...
Accredited, industry-recognized certifications giving engineers the authority to stop projects that don’t adhere to safety standards have long been required in chemical, architectural, electrical, and other safety-critical industries. So why ...
Privacy is becoming more closely connected to cybersecurity. It makes sense: you can’t govern how data is used if you can’t secure it first. This connection has become impossible to ignore, and more and more regulations like GDPR, CCPA, and ...
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, the second of two parts, we look closely at six ways exposure ...
A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, opportunistic threat actors who are leveraging previously established webshells ...
Google has agreed to a $1.375 billion settlement with Texas in lawsuits over location and private browsing tracking, and biometric data collection.
The post Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits appeared first on ...
Hunted Labs announced Entercept, an AI-powered source code security platform that gives enterprises instant visibility into suspicious behavior from the people and code in their software supply chain. Open source code and the people who write it ...
Ascension Health has notified the HHS that more than 437,000 people were affected by a recently disclosed data breach.
The post 437,000 Impacted by Ascension Health Data Breach appeared first on SecurityWeek.
CrowdStrike introduced several enhancements to its Falcon cybersecurity platform and Falcon Next-Gen SIEM at the RSA Conference 2025, highlighting artificial intelligence, managed threat hunting and operational efficiencies aimed at transforming ...
A newly discovered 0-click NTLM authentication bypass vulnerability has resurfaced within Microsoft Telnet Server implementations, exposing a dangerous flaw in outdated yet still-operational systems. Veriti research reveals that this ...
Two vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution.
The post Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks appeared first on SecurityWeek.
Global Crossing Airlines is investigating a cybersecurity incident after Anonymous hackers targeted its systems.
The post US Deportation Airline GlobalX Confirms Hack appeared first on SecurityWeek.
Long lists of firewall rules can lead to misaligned and inconsistent policies, creating gaps in your security perimeter for threat actors to exploit.
The post Firewall Rule Bloat: The Problem and How AI can Solve it appeared first on Security ...
Security teams can analyze live network traffic, an approach also known as network detection and response, and be more proactive in detecting the warning signs of an impending breach.
The post Cybersecurity’s Early Warning System: How Live ...
This critical shift of social media apps becoming “mission-critical” everything apps requires a different approach when it comes to resiliency.
The post Ensuring High Availability and Resilience in the ‘Everything App’ Era ...
Resecurity launched Resecurity One, the next-generation cybersecurity platform designed to improve how organizations approach cybersecurity. Resecurity One combines Digital Risk Management, Cyber Threat Intelligence, Endpoint Protection, Identity ...