Application Security News and Articles
Your mission, should you choose to accept it, is to protect your organization’s sensitive data from cyber threats and attain an ISO 27001 certification. This guide provides a comprehensive overview for ensuring a smooth ISO 27001 audit of your ...
The majority of cybersecurity pros are experiencing some level of burnout, with more than half reporting they are likely to switch jobs next year.
The post Survey Surfaces High Levels of Burnout Among Cybersecurity Professionals appeared first on ...
Static Application Security Testing (SAST) is a type of security testing that analyzes the source code or compiled form of an application…
A number of government-backed APTs are exploiting CVE-2023-38831, a file extension spoofing vulnerability in WinRAR, a widely used file archiver utility for Windows. CVE-2023-38831 was patched in August 2023, along with another high-severity ...
Guardz introduced its AI-powered cyber risk assessment prospecting tool for Managed Service Providers (MSPs). By generating comprehensive reports that delve into the cybersecurity posture of MSPs’ existing or prospective clients, this tool ...
Learn how firmware security fits into this widely used framework that tracks and maps adversary actions. Find out which tactics and techniques are leveraging firmware vulnerabilities and known exploits.
The post Firmware and Frameworks: MITRE ...
A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, Mandiant researchers have revealed. About CVE-2023-4966 Citrix’s ...
Since launching in 2021, Darwinium has raised $26 million to build a bot and fraud prevention platform running on the perimeter edge.
The post Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech appeared first on SecurityWeek.
Former Navy IT manager Marquis Hooper was sentenced to prison for stealing PII and selling it on the dark web.
The post Former Navy IT Manager Sentenced to Prison for Hacking, Selling PII appeared first on SecurityWeek.
Companies will typically spend anywhere from tens of thousands of dollars to several million in the aftermath of a Magecart attack.
The post The Cost of Magecart: More Than Just a Single Fine appeared first on Security Boulevard.
Juniper Networks announced the expansion of its Connected Security portfolio with new products and capabilities that empower organizations to seamlessly extend security services and zero trust policies across distributed data center environments. ...
The rise of containerization and Kubernetes has catalyzed a widespread adoption of microservices architecture for packaging and deploying cloud-native applications. According to a recent report, 85% of surveyed companies said they are modernizing ...
Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. Our ultimate goal when performing ...
Discover the history, types, and threats of QR codes, including quishing and QRLJacking. Learn why QR phishing is effective and how it exploits user trust, convenience, and bypasses security filters. Understanding QR Codes: A Brief History QR ...
Maverics Identity Orchestration Platform delivered an ROI of 407% by eliminating app rewriting, retiring legacy IAM systems, and reducing IT resource requirements BOULDER, Colo., Oct. 18, 2023 – Strata Identity, the Identity Orchestration ...
Arcitecta announced Mediaflux Pocket, a multifactor authentication and authorization (MFA&A) application that helps businesses meet data security compliance standards, while significantly reducing the risk of unauthorized access to sensitive ...
By combining different digital identity technologies, organizations can withstand the deceptive tactics of cybercriminals.
The post Digital Identification: The Cornerstone for Confidence Online appeared first on Security Boulevard.
Hacker claims to have breached D-Link’s network in Taiwan and is offering to sell stolen data, but the company says the claims are exaggerated.
The post D-Link Says Hacker Exaggerated Data Breach Claims appeared first on SecurityWeek.
A DigiCert survey found most organizations unprepared to address the security implications of post-quantum computing (PQC).
The post DigiCert Survey Reveals Post-Quantum Cybersecurity Challenges appeared first on Security Boulevard.
Thales announced the SafeNet IDPrime FIDO Bio Smart Card, a security key that enables strong MFA for the enterprise. This new contactless smart card allows users to quickly and securely access enterprise devices, applications, and cloud services ...