Application security, Security
October 24, 2023
Via: The RegisterChina-based scammers are using a combination of fake loan apps and India’s real-time mobile payment system, Unified Payments Interface (UPI), to separate victims from their cash, according to a report by threat intel firm CloudSEK. “UPI service providers currently operate […]
Application security, Security
October 23, 2023
Via: The RegisterThere is no longer an off button for businesses and organizations, no closed signs, or downtime. This means enterprise IT operations and data assets must be protected round the clock in all operating environments. In the past this has often […]
Application security, Security
October 20, 2023
Via: SecurityWeekThe Philippine defense chief has ordered all defense personnel and the 163,000-member military to refrain from using digital applications that harness artificial intelligence to generate personal portraits, saying they could pose security risks. Defense Secretary Gilberto Teodoro Jr. issued the […]
Application security, Security
October 10, 2023
Via: The RegisterStart your patch engines – a new version of curl is due tomorrow that addresses a pair of flaws, one of which lead developer Daniel Stenberg describes as “probably the worst curl security flaw in a long time.” Curl 8.4.0 […]
Application security, Security
October 5, 2023
Via: Help Net SecurityProtect AI announced a set of open-source software (OSS) tools designed to help organizations protect their AI and ML environments from security threats. The company is leading security for AI/ML by developing and maintaining three OSS tools — NB Defense, […]
Application security, Security
September 29, 2023
Via: TechRadarThe company behind the now-famous (for all the wrong reasons) MOVEit managed file transfer software has warned its clients that a different product – WS_FTP Server, also carries a couple of high-severity flaws that can be exploited in malware hacks. […]
Application security, Security
September 13, 2023
Via: Help Net SecuritySCYTHE has unveiled its latest version of the SCYTHE Core platform, introducing a number of new features designed to provide essential insight into the exploitability, impact, and prioritization of threats. SCYTHE 4.0 introduces dual-deployment options, supporting agentless and agent-based configurations. […]
Application security, Security
September 12, 2023
Via: Help Net SecurityCTERA unveiled CTERA Vault, Write Once, Read Many (WORM) protection technology which provides regulatory compliant storage for the CTERA Enterprise Files Services Platform. CTERA Vault aids enterprises in guaranteeing the preservation and tamperproofing of their data, while also ensuring compliance […]
Application security, Security
September 12, 2023
Via: Help Net SecurityWing Security has partnered with Drata to integrate SaaS security controls, robust insights, and automation in order to streamline and expedite user access reviews and vendor risk assessments for compliance frameworks and standards such as SOC 2 and ISO 27001. […]
Application security, Security
September 11, 2023
Via: Help Net SecurityWhile APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to a report by Traceable AI and Ponemon Institute. The urgency for API security […]
Application security, Security
August 28, 2023
Via: The Hacker NewsCyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. This is why regular testing […]
Application security, Security
August 21, 2023
Via: The Hacker NewsFrom a user’s perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you’re seeking. Unfortunately, few users understand the implications of […]
Application security, Security
August 18, 2023
Via: The Hacker NewsGoogle has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release […]
Application security, Security
August 4, 2023
Via: The Hacker NewsA four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. “In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted […]
Application security, Security
August 4, 2023
Via: Dark ReadingWhen Fortanix launched in 2016, the company made a decision: It would commit to the one-year-old Rust’s programming language to benefit from its security strengths and performance. Seven years later, Fortanix’s commitment to Rust has proved to be a success. […]
Application security, Security
July 28, 2023
Via: The Hacker NewsCybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific […]
Application security, Security
July 28, 2023
Via: The Hacker NewsUsers of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an “extremely severe” flaw that could result in pre-authenticated remote code execution on affected installations. […]
Application security, Security
July 24, 2023
Via: The Hacker NewsThe healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven’t changed in 2023. The U.S. Government’s Office for Civil Rights reported 145 data breaches in the […]
Application security, Security
July 20, 2023
Via: The Hacker NewsMultiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. “Attackers can bring the application into […]
Application security, Security
July 17, 2023
Via: Dark ReadingA human rights organization was alerted by Microsoft that it was compromised as part of a July email breach attributed to Storm-0558, but the organization couldn’t find any evidence of compromise in their logs. Why? It didn’t pay Microsoft a […]