Application Security News and Articles


The hidden costs of neglecting cybersecurity for small businesses

In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand ...

Insider Threat Awareness Month 2023 Roundup

September is National Insider Threat Awareness Month. We are doing our part to drive awareness for a sector of the security stack that is underrepresented in attention and budgets. Here’s a quick roundup of the key insider risk activities DTEX ...

Kubernetes attacks in 2023: What it means for the future

In 2023, a wave of new attacks targeting Kubernetes has been reported, from Dero and Monero crypto mining to Scarleteel and RBAC-Buster. In this Help Net Security video, Jimmy Mesta, CTO at KSOC, explores what it would take to protect against ...

The clock is ticking for businesses to prepare for mandated certificate automation

Many organizations are unprepared for sweeping industry changes that call for mandated certificate automation, according to GMO GlobalSign. There could be significant changes within the Public Key Infrastructure (PKI) marketplace, the most ...

Ransomware groups are shifting their focus away from larger targets

One in every six ransomware attacks targeting US government offices was traced back to the LockBit ransomware group, according to Trend Micro. Overall ransomware attack victim numbers increased by 47% from H2 2022. “We’ve observed a ...

Webinar Highlights – Mastering the new SEC Regs

It was great to chat last week on the topic of the new SEC Rules with my good friend Ed Amoroso (President of TAG Cyber, Professor at NYU and the former CSO of AT&T). A link to the recording of our discussion is here: And if listening to ...

Automated Incident Response with AlienVault and Smart SOAR

Open-source threat intelligence (OSINT) is a valuable asset to pull from during incident investigations. However, doing this for every alert is monotonous and can be prone to human errors. When using SOAR security tools, you can build IoC ...

Step on It: What to Know About TISAX Compliance in the Automotive Market

The automotive industry is one of the largest in the world, with sales estimated at $2.95 trillion for 2022. It’s also an industry undergoing profound change thanks to global supply chains and digital transformation — which means that the ...

Protecting Critical Infrastructure From Ransomware with LogRhythm NDR

A European-based organization in the transportation industry needed a way to protect its data with a solution that could mitigate sophisticated threats and move beyond basic threat detection capabilities. It required a holistic solution that ...

Google LibWebP Arbitrary Code Execution Vulnerability (CVE-2023-5129) Notification

Overview: Recently, NSFOCUS CERT found that Google officially fixed a heap buffer overflow vulnerability (CVE-2023-4863). Due to a flaw in the WebP module, an attacker triggered the vulnerability by inducing users to visit a malicious website, ...

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Scaling up Cyber Capacity Building: The Sectoral Approach to Critical Infrastructure Protection

Many thanks to Israel’s Tel Aviv University for publishing their presenter’s tremendous Cyber Week 2023 security content on the Tel Aviv University’s TAUVOD YouTube channel. The post Cyber Week 2023 & The Israel National ...

ZenRAT Targets Windows Users with Fake Bitwarden Site

Hackers are using a bogus download page for Bitwarden’s password manager solution to target Windows users with a new remote access trojan (RAT) that’s designed to steal credentials and a range of information about the compromised system. ...

Meet the Ona: Stefan Popa

(ltabo, Wed, 09/27/2023 - 18:12) Today, we announced a series of strategic expansion efforts, including a new product research and development center in Romania, as well as the introduction of Stefan Popa, Ph.D, MBA, ...

RATs, rootkits, and ransomware (oh my!)

In a vast world of online threats, certain terms can stand out for their mysterious nature and vague implications. They sound technical, jargony, and are often dismissed as too hard for us to get into. Today we’re offering a guide, a sort of ...

Cybertech Europe 2023 will explore innovation, new possibilities in cyber technology

The sixth edition of Cybertech Europe will be held on October 3 and 4, 2023, at La Nuvola Convention Center. It will feature a grand exhibition hall, conferences and lectures, and sector-specific special events with the most influential and ...

Unlock 2023’s Top Benefits of Security as a Service!

Introduction: In today’s digital age, the significance of robust cybersecurity for small and medium-sized businesses (SMBs) is more crucial than ever. The surge in cyber threats and attacks is relentless. These threats target businesses of all ...

Randall Munroe’s XKCD ‘Lying’

via the comic artistry and dry wit of Randall Munroe, maker of XKCD! The post Randall Munroe’s XKCD ‘Lying’ appeared first on Security Boulevard.

Chinese Gov Hackers Caught Hiding in Cisco Router Firmware

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech has been caught hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies. The post Chinese ...

Sweat of Blessing (Peluh Berkah)


SpecterOps introduces Purple Team Assessments Services

SpecterOps announced new Purple Team Assessment Services. This two-week assessment evaluates how well an organization’s security controls can detect and prevent common attack techniques using a novel proprietary approach from SpecterOps for ...