Application Security News and Articles
A recent emergence in the cybercrime landscape involves a ransomware strain known as RansomHub, which has surfaced as a successor to the notorious Knight ransomware attack. Initially identified as Cyclops 2.0, Knight ransomware gained infamy for ...
Cybercriminals are not about to give up – this is how they make their living. So it’s up to cybersecurity professionals to stay vigilant and learn as much as they can about the forces they face.
The post Are We Turning the Corner in the Fight ...
In March 2024, the European Parliament overwhelmingly approved the EU Cyber Resilience Act, or CRA, which will now be formally adopted with the goal of improving the cybersecurity of digital products. It sets out to do this by establishing ...
Runtime enforcement is the future of software security, if we can only make it accessible to the developers that understand their applications the best.
The post Runtime Enforcement: Software Security After the Supply Chain Ends appeared first on ...
As retailers compete in an increasingly competitive marketplace, they invest a great deal of resources in becoming household names. But brand recognition is a double-edged sword when it comes to cybersecurity. The bigger your name, the bigger the ...
Cybersecurity isn’t just about firewalls and antivirus. It’s about understanding how your defenses, people, and processes work together. Just like Google Maps revolutionized navigation, process mapping can revolutionize how you ...
In this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source ...
The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure. Edge service KEV vulnerability trends 64% of all edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) in the ...
Post-quantum cryptography (PQC) is a hot topic. A recent paper from Tsinghua University raised doubts about lattice-based cryptography for PQC, though an error was found. This has sparked questions about the strength of soon-to-be-standardized ...
While 75% of enterprises are implementing AI, 72% report significant data quality issues and an inability to scale data practices, according to F5. Data and the systems companies put in place to obtain, store, and secure it are critical to the ...
As enterprises shift from on-premises to cloud systems, hybrid cloud solutions have become essential for optimizing performance, scalability, and user ease. However, risks arise when poorly configured environments connect to the cloud. A ...
TechSpective Podcast Episode 133 Nick Edwards, Vice President of Product Management at Menlo Security joins me for this insightful episode of the TechSpective Podcast. Nick brings decades of cybersecurity experience to the table, offering a ...
Our engineering team has been hard at work, reworking our flagship platform to enhance the Chariot platform to remain the most comprehensive and powerful CTEM platform on the market. So what’s new? Here are several new features recently added ...
In June 2023, a critical vulnerability (CVE-2023-34362) in the MOVEit Transfer file transfer software was exploited by adversaries, resulting in a series of high-profile data breaches. Despite the availability of patches, and the vulnerability ...
In the intricate ecosystem of data center operations, managing and optimizing infrastructure is a complex, continuous task. Data Center Infrastructure Management (DCIM) software has emerged as a vital tool in this arena, providing real-time ...
Authors/Presenters:Leo Stone, Rishi Ranjan, Stefan Nagy, Matthew Hicks
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access.
Originating from ...
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
Permalink
The post Randall Munroe’s XKCD ‘Broken Model’ appeared first on Security Boulevard.
Identifying and Mitigating Complex Malware Campaigns with ASNs
This week, I spent a good deal of time going down some rabbit holes - all of which were fascinating. However, this is an example where some of the work we do we would like to share ...
Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability ...
With the right license, you can protect your open-source project and ensure proper usage. This article provides a clear overview of open-source licensing for developers and users.
The post Open Source Licensing 101: Everything You Need to Know ...
