Application Security News and Articles
Passwords have gotten a lot of attention lately. Why? Because they pose a double threat with hackers and users. According to the Verizon 2023 DBIR, 86% of breaches involve stolen, weak, or default passwords. Of those breaches, 74% involve the ...
A survey identified cybersecurity as the biggest challenge small organizations face today, with 49% more concerned than they were six months ago.
The post Cybersecurity the Biggest Challenge for Smaller Organizations appeared first on Security ...
A new vulnerability found in GitHub’s operations could have given bad actors another way of getting around the code hosting platform’s security protections and exposing thousands of code packages to being hijacked. A hacker could have ...
The varied ways in which gig economy platforms use short message service (SMS) make them attractive targets for bot-driven SMS toll fraud. To prevent financial losses and erosion of consumer trust, gig economy platforms must use bot detection and ...
Many thanks to BSides Buffalo for publishing their presenters' outstanding BSides Buffalo security content on the organization's YouTube channel.
The post BSides Buffalo 2023 – Jeff Hoge – Mitigating (Radio)Active ...
September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft ...
Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.
The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek.
Foresite today announced a new partnership with Apptega to leverage Foresite’s ProVision platform to simplify cybersecurity and compliance with single sign-on for Foresite partners and their customers. This new offering will further enable ...
Kingston Digital has launched the Kingston IronKey D500S, a hardware-encrypted USB flash drive that provides military-grade security for classified data in transit. D500S is FIPS 140-3 Level 3 (Pending) certified with new enhancements from NIST ...
On a new episode of stackCast (powered by stackArmor), host Martin Rieger, Chief Solutions Officer & CISO at stackArmor, welcomes the CEO at IriusRisk, Stephen de Vries. The two discuss: What threat modeling is, and why it’s crucial in ...
Sentra has unveiled that large language models (LLMs) are now included in its data classification engine, enabling enterprises to accurately identify and understand sensitive unstructured data such as employee contracts, source code and user ...
Israeli security startup Zenity banks $16.5 million in new venture capital funding to work on ‘low-code/no-code’ security technology.
The post Intel Capital Bets on Zenity for Low-Code/No-Code Security appeared first on SecurityWeek.
GroupSense announced that it has made its security intelligence available to managed service providers (MSPs) and managed security service providers (MSSPs) through a new Tracelight Fuse security threat intelligence offering. GroupSense provides ...
via the comic artistry and dry wit of Randall Munroe, maker of XKCD!
The post Randall Munroe’s XKCD ‘Gold’ appeared first on Security Boulevard.
You’re welcome to it. Not happening in Vegas: 12 hotels and casinos—nor in many more elsewhere, neither.
The post What Happens in Vegas: MGM Resorts ‘Ransomware’ Attack appeared first on Security Boulevard.
The post SANS DevSecOps report: 5 key takeaways appeared first on Security Boulevard.
Netskope has unveiled that its existing strategic alliance with Deloitte has expanded with the addition of Netskope to the Managed Extended Detection and Response (MXDR) by Deloitte platform. The new Netskope module on MXDR by Deloitte will ...
Discover how software supply chain security regulations could develop and evolve, and what the outcome could be.
The post How Software Supply Chain Security Regulation Will Develop, and What Will It Look Like? appeared first on Mend.
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
Adobe raises an alarm for new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product.
The post Adobe Says Critical PDF Reader Zero-Day Being Exploited appeared first on SecurityWeek.