Application Security News and Articles


How Silverfort Can Help Organizations Align with NIST’s Cybersecurity Framework Version 2.0

As cyber threats continue to evolve and become more sophisticated, protecting identities and access has never been more critical. To help organizations manage digital risks, the National Institute of Standards and Technology (NIST) has provided ...

Vendor Risk Assessment Challenges: What You Need to Know

Right now, your company is likely working with dozens or hundreds of third-parties (e.g., SaaS vendors, cloud infrastructure, professional service firms) to handle all kinds of business processes. Some of them are in possession of your ...

Mastering the Art of Vulnerability Prioritization: A Step-by-Step Guide

The average vulnerability and patch management backlog now contains over 100,000 vulnerabilities, making better vulnerability prioritization essential to ensure the most pressing threats are promptly addressed. In this blog, we’ll delve deeper ...

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Building Cyber Resilience

Many thanks to Israel’s Tel Aviv University for publishing their presenter’s tremendous Cyber Week 2023 security content on the Tel Aviv University’s TAUVOD YouTube channel. The post Cyber Week 2023 & The Israel National ...

Signal Intros Quantum-Resistant Encryption for App

The developers of the Signal messaging app are strengthening the app’s central encryption capabilities for the upcoming post-quantum era. Signal is upgrading the Signal Protocol – the cryptographic specifications behind the end-to-end ...

In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

Noteworthy stories that might have slipped under the radar: Snowden file analysis, Yubico starts trading, election hacking event. The post In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking appeared first on ...

Don’t Ignore Data Sovereignty

What does data sovereignty mean for organizations and what’s the best practice for ensuring compliance? The post Don’t Ignore Data Sovereignty appeared first on Security Boulevard.

DoubleQlik: Bypassing the Fix for CVE-2023-41265 to Achieve Unauthenticated Remote Code Execution

On August 29th, 2023, Qlik issued a patch for two vulnerabilities we identified in Qlik Sense Enterprise, CVE-2023-41265 and CVE-2023-41266. These vulnerabilities allowed for unauthenticated remote code execution via path traversal and ...

The Battle of the Bots: Safeguarding Identity in the Age of AI

In the age of generative AI, identity is being exploited by attackers as a weakness in the security perimeter. Here's what to do. The post The Battle of the Bots: Safeguarding Identity in the Age of AI appeared first on Security Boulevard.

China’s Offensive Cyber Operations in Africa Support Soft Power Efforts

Chinese state-sponsored threat groups have targeted telecoms, financial and government organizations in Africa as part of soft power efforts. The post China’s Offensive Cyber Operations in Africa Support Soft Power Efforts appeared first on ...

Norton Secure Browser blocks malicious websites and phishing attempts

To help protect consumers from browser-based security, privacy and identity threats, Norton, a consumer Cyber Safety brand of Gen, has released Norton Secure Browser. Just as a passport is essential for travel, web browsers are essential for ...

Air Canada Says Employee Information Accessed in Cyberattack

Canada’s largest airline says the personal information of some employees was accessed in a recent cyberattack. The post Air Canada Says Employee Information Accessed in Cyberattack appeared first on SecurityWeek.

Keysight collaborates with Synopsys to secure IoT devices against attacks

Keysight Technologies and Synopsys are partnering to provide internet of things (IoT) device makers with a comprehensive cybersecurity assessment solution to ensure consumers are protected when devices are shipped to market. Under the ...

Mitek partners with Equifax to improve consumer identity protection

Mitek announced a strategic partnership with Equifax, a global data, analytics and technology company. The agreement will add Mitek’s biometric-based identity verification and liveness detection technology to Equifax’s digital identity ...

BIND Updates Patch Two High-Severity DoS Vulnerabilities

The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely. The post BIND Updates Patch Two High-Severity DoS Vulnerabilities appeared first on SecurityWeek.

DAT introduces AI-powered identity-verification solution

DAT Freight & Analytics introduced an AI-powered identity fraud detection and prevention platform through a partnership with Verosint, to help prevent the unauthorized use of customer login credentials and combat the growing threat of ...

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace. The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek.

Contrast Security integrates with AWS Security Hub to help organizations mitigate threats

Contrast Security, the code security platform built for developers and trusted by security, today announced its integration with Amazon Web Services (AWS) Security Hub to offer full-spectrum security visibility, from infrastructure to ...

GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)

GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw may allow a threat actor to abuse scan execution policies to run pipelines as another ...

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones

Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited “against versions of iOS before iOS 16.7.” Bill Marczak of The ...