Application Security News and Articles


Serial cybersecurity founders get back in the game

“I didn’t really have a choice,” says Ben Bernstein, the former CEO and co-founder of Twistlock (acquired by Palo Alto Networks in 2019) and the CEO and co-founder of a new cybersecurity startup that is still in stealth. “Building a ...

The rise and evolution of supply chain attacks

A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, Dick O’Brien, Principal Intelligence Analyst in the Symantec Threat ...

Latest fraud schemes targeting the payments ecosystem

Threat actors continued to exploit technical misconfigurations through various fraud schemes, according to a new report from Visa. These include the use of malvertising and search engine optimization (SEO) techniques to cultivate compelling and ...

Privacy concerns cast a shadow on AI’s potential for software development

Organizations are optimistic about AI, but AI adoption requires attention to privacy and security, productivity, and training, according to GitLab. “The transformational opportunity with AI goes way beyond creating code,” said David DeSanto, ...

Maintaining Trust: Customer Identity Verification Challenges & Best Practices

Trust is paramount for successful customer relationships in our digital age. However, customer identity verification faces evolving challenges, from identity theft to balancing security with a seamless user experience. Explore how adopting ...

Obsidian Security Receives the 2023 SINET16 Innovator Award

SINET, a leading body in cybersecurity innovation, has named Obsidian Security a winner of its annual SINET16 Innovators Award. This recognition celebrates companies at the forefront of cybersecurity innovation, leveraging technology-driven ...

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS ...

Patch Tuesday Update – September 2023

The post Patch Tuesday Update - September 2023 appeared first on Digital Defense. The post Patch Tuesday Update – September 2023 appeared first on Security Boulevard.

Build a Custom Kubernetes Platform? Or Try the Insights Free Tier?

As businesses grow and scale, the deployment of applications and services on production Kubernetes environments becomes increasingly prevalent. Platform engineering and development teams often grapple with ensuring these applications run ...

LogRhythm Announces More Details on RhythmWorld 2023 Security Conference

RhythmWorld 2023 Releases Full Agenda. BROOMFIELD, Colo., September 12, 2023 -- (BUSINESS WIRE) -- LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced ...

6 Ways Passwords Can be Stolen — and How Passwordless Can Stop Them All

Passwords have gotten a lot of attention lately. Why? Because they pose a double threat with hackers and users. According to the Verizon 2023 DBIR, 86% of breaches involve stolen, weak, or default passwords. Of those breaches, 74% involve the ...

Cybersecurity the Biggest Challenge for Smaller Organizations

A survey identified cybersecurity as the biggest challenge small organizations face today, with 49% more concerned than they were six months ago. The post Cybersecurity the Biggest Challenge for Smaller Organizations appeared first on Security ...

GitHub Vulnerability Put Code Packages at Risk of Repojacking

A new vulnerability found in GitHub’s operations could have given bad actors another way of getting around the code hosting platform’s security protections and exposing thousands of code packages to being hijacked. A hacker could have ...

Safeguarding Gig Economy Platforms from SMS Toll Fraud

The varied ways in which gig economy platforms use short message service (SMS) make them attractive targets for bot-driven SMS toll fraud. To prevent financial losses and erosion of consumer trust, gig economy platforms must use bot detection and ...

BSides Buffalo 2023 – Jeff Hoge – Mitigating (Radio)Active Directory

Many thanks to BSides Buffalo for publishing their presenters’ outstanding BSides Buffalo security content on the organization’s YouTube channel.

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)

September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft ...

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits

Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek.

Foresite Partners with Apptega to Deliver Ironclad Cybersecurity Programs to Rapidly Expanding Customer Base

Foresite today announced a new partnership with Apptega to leverage Foresite’s ProVision platform to simplify cybersecurity and compliance with single sign-on for Foresite partners and their customers. This new offering will further enable ...

Kingston launches IronKey D500S, a hardware-encrypted USB flash drive

Kingston Digital has launched the Kingston IronKey D500S, a hardware-encrypted USB flash drive that provides military-grade security for classified data in transit. D500S is FIPS 140-3 Level 3 (Pending) certified with new enhancements from NIST ...