Top

Category: Application security


Application security, Security

Mitigating AI security risks

February 15, 2024

Via: The Register

It has become possible to swiftly and inexpensively train, validate and deploy AI models and applications, yet while we embrace innovation, are we aware of the security risks? Because it’s not just the good guys who use AI – bad […]


Application security, Security

Rust can help make software secure – but it’s no cure-all

February 8, 2024

Via: The Register

Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with the majority of vulnerabilities that actually get exploited. So while coding with Rust can help reduce memory safety vulnerabilities, it won’t fix […]


Application security, Security

Managing the hidden risks of shadow APIs

February 2, 2024

Via: The Register

Application programming interfaces (APIs) play a significant role in today’s digital economy, but at the same time they can also represent a data security vulnerability. While APIs serve as building blocks to modern app development, their proliferation and sprawl have […]


Application security, Security

Beware, all Windows and Mac devices possibly at risk – dangerous Opera security flaw could have allowed hackers to run any file they want

January 16, 2024

Via: TechRadar

Opera, a popular Chromium-based browser, was found carrying a vulnerability that would allow hackers to install pretty much any file on both Windows and macOS operating systems. The vulnerability was discovered by cybersecurity researchers from Guardio Labs, who notified the […]


Application security, Security

Facebook, Instagram now mine web links you visit to fuel targeted ads

January 8, 2024

Via: The Register

We gather everyone’s still easing themselves into the New Year. Deleting screens of unread emails, putting on a brave face in meetings, and slowly getting up to speed. While you’re recovering from the Christmas break, Meta has been busy introducing […]


Application security, Security

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

January 8, 2024

Via: SecureWorld

In a bold move that promises to redefine the way users interact with their computers, Microsoft has announced the integration of a dedicated Copilot button on the keyboards of its Windows PCs. This innovative step signifies a major leap forward […]


Application security, Security

Mozilla decides Trusted Types is a worthy security feature

December 21, 2023

Via: The Register

Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser. By so doing, the browser biz will help reduce a longstanding form of web attack that […]


Application security, Security

To BCC or not to BCC – that is the question data watchdog wants answered

December 15, 2023

Via: The Register

A data regulator has reminded companies they need to take care while writing emails to avoid unintentionally blurting out personal data. Unsurprisingly, much of the UK’s Information Commissioner’s Office (ICO) guidance comes down to the correct use of address fields […]


Application security, Security

ArmorCode raises $40 million to help companies ship secure software

December 4, 2023

Via: Help Net Security

ArmorCode announced it closed a pre-emptive $40 million Series B round to advance its mission of helping companies ship secure software fast and at scale. Premier venture firm HighlandX led the round, joined by NGP Capital, along with participation from […]


Application security, Security

Brit borough council apologizes for telling website users to disable HTTPS

November 29, 2023

Via: The Register

Reading Borough Council has securely restored its planning portal after facing criticism for recommending questionable tech security practices to users. Before the fixed version went live this morning, the English local authority’s online planning application portal had been offline due […]


Application security, Security

Helping companies defend what attackers want most – their data

November 28, 2023

Via: The Register

Athena AI, the new generative AI layer that spans across the entire Varonis Data Security Platform, redefines how security teams protect data – from visibility to action. Using natural language, customers can conduct in-depth investigations and analysis more efficiently, transforming […]


Application security, Security

Faults in Our Security: 6 Common Misconceptions in Cybersecurity

November 28, 2023

Via: SecureWorld

In the ever-evolving landscape of computer security, many innovations flood the market, each boasting its efficacy. As a regular attendee of security conferences and contributor to security books, it’s evident to me that the field remains a hot topic. However, […]


Application security, Security

OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more!

November 27, 2023

Via: Help Net Security

OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL 3.2.0 This release incorporates the following potentially significant or incompatible changes: The default SSL/TLS security level […]


Application security, Security

Sophos XDR: Extending Sophos Endpoint protection with threat detection and response

November 20, 2023

Via: Naked Security

With Sophos XDR (Extended Detection and Response), Sophos Endpoint customers can extend their defenses against sophisticated human-led attacks. It gives you the tools to detect and respond to suspicious activity on your Sophos-protected endpoints and your wider environment before active […]


Application security, Security

CISA Roadmap for AI Unlocks Its Potential in Cybersecurity

November 16, 2023

Via: SecureWorld

In a significant move to harness the power of artificial intelligence (AI) for enhanced cybersecurity, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its “2023-2024 CISA Roadmap for Artificial Intelligence.” The comprehensive plan, released this month, outlines CISA’s […]


Application security, Security

Cybercrooks amp up attacks via macro-enabled XLL files

November 1, 2023

Via: The Register

Cybercriminals are once again abusing macro-enabled Excel add-in (XLL) files in malware attacks at a vastly increased rate, according to new research. HP Wolf Security revealed that .xlam files are now the seventh most commonly abused file extension in Q3 […]


Application security, Security

Scammers use India’s real-time payment system to siphon off money, send it to China

October 24, 2023

Via: The Register

China-based scammers are using a combination of fake loan apps and India’s real-time mobile payment system, Unified Payments Interface (UPI), to separate victims from their cash, according to a report by threat intel firm CloudSEK. “UPI service providers currently operate […]


Application security, Security

Redefining united data protection

October 23, 2023

Via: The Register

There is no longer an off button for businesses and organizations, no closed signs, or downtime. This means enterprise IT operations and data assets must be protected round the clock in all operating environments. In the past this has often […]


Application security, Security

Philippine Military Ordered to Stop Using Artificial Intelligence Apps Due to Security Risks

October 20, 2023

Via: SecurityWeek

The Philippine defense chief has ordered all defense personnel and the 163,000-member military to refrain from using digital applications that harness artificial intelligence to generate personal portraits, saying they could pose security risks. Defense Secretary Gilberto Teodoro Jr. issued the […]


Application security, Security

Fresh curl tomorrow will patch ‘worst’ security flaw in ages

October 10, 2023

Via: The Register

Start your patch engines – a new version of curl is due tomorrow that addresses a pair of flaws, one of which lead developer Daniel Stenberg describes as “probably the worst curl security flaw in a long time.” Curl 8.4.0 […]