Application Security News and Articles
Six zero-days in Exim, the most widely used mail transfer agent (MTA), were revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to be insufficient information and poor communication, fixes for only ...
Duality Technologies has joined the Amazon Web Services (AWS) Partner Network (APN) and launched its secure data collaboration platform in AWS Marketplace. Duality Technologies underwent the comprehensive AWS Foundational Technical Review (FTR) ...
It's time to ensure boards' interest in cybersecurity goes beyond just conversation and into real action.
The post Boards are Finally Taking Cybersecurity Seriously appeared first on Security Boulevard.
Despite increased vigilance, most organizations suffered an API security incident in the last 12 months.
The post Survey Sees More Cyberattacks Targeting APIs appeared first on Security Boulevard.
SymphonyAI announced the Sensa Investigation Hub, a generative AI-enabled investigation and case management platform that propels financial institutions into the future of financial crime management. The Sensa Investigation Hub uses predictive ...
With the ever-widening talent gap in cybersecurity and the expanding complexity of the cloud, organizations need an intuitive Security Information and Event Management (SIEM) platform that ensures seamless threat detection, investigation, and ...
At LogRhythm, we’re constantly looking for ways to make the life of a security analyst easier and that is why we are always listening to our customers to prioritize the features that matter. With this LogRhythm NDR release, we enhanced…
Governance, risk, and compliance (GRC) form the pillars upon which organizations build their operations to ensure security, resilience, and adherence to regulations. However, as IT infrastructure becomes more complex and regulations grow ...
Today it seems like more organizations are asking security teams to do more with less. Less staff and tools mean you need to have effective and well-tuned tools that return results with minimal effort. At LogRhythm, our goal is to…
DHS is reportedly investigating the impact of the recent Johnson Controls ransomware attack on its systems and facilities.
The post Johnson Controls Ransomware Attack Could Impact DHS appeared first on SecurityWeek.
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept ...
Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.
The post Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks appeared first on SecurityWeek.
McAfee announced new AI protections and enhanced privacy and identity features as part of its latest product lineup. As McAfee continues to move beyond protecting individual devices to protecting people, McAfee’s newest portfolio of products ...
The National Institute of Standards and Technology's new proposed guidelines for integrating software supply chain security into CI/CD pipelines have arrived at an opportune time for security teams, with attacks on the software supply chain ...
Fundamental obligations of the Asia-Pacific Personal Data Protection Act (PDPA) for cybersecurity teams: In the information age, the significance of data cannot be overstated, and cybersecurity legislation and standards govern its usage around the ...
CISA has announced the Secure Our World cybersecurity awareness program, targeting both businesses and end users.
The post CISA Kicks Off Cybersecurity Awareness Month With New Program appeared first on SecurityWeek.
In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers.
The post Recently Patched TeamCity Vulnerability Exploited to Hack Servers appeared first on SecurityWeek.
Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity to one another. Dual ransomware attacks: Dual ransomware attacks are when against the same ...
Silverfort has released the source code for its lateral movement detection tool LATMA, to help identify and analyze intrusions.
The post Silverfort Open Sources Lateral Movement Detection Tool appeared first on SecurityWeek.
Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, ...