Application security, Security
September 13, 2023
Via: Help Net SecuritySCYTHE has unveiled its latest version of the SCYTHE Core platform, introducing a number of new features designed to provide essential insight into the exploitability, impact, and prioritization of threats. SCYTHE 4.0 introduces dual-deployment options, supporting agentless and agent-based configurations. […]
Application security, Security
September 12, 2023
Via: Help Net SecurityCTERA unveiled CTERA Vault, Write Once, Read Many (WORM) protection technology which provides regulatory compliant storage for the CTERA Enterprise Files Services Platform. CTERA Vault aids enterprises in guaranteeing the preservation and tamperproofing of their data, while also ensuring compliance […]
Application security, Security
September 12, 2023
Via: Help Net SecurityWing Security has partnered with Drata to integrate SaaS security controls, robust insights, and automation in order to streamline and expedite user access reviews and vendor risk assessments for compliance frameworks and standards such as SOC 2 and ISO 27001. […]
Application security, Security
September 11, 2023
Via: Help Net SecurityWhile APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to a report by Traceable AI and Ponemon Institute. The urgency for API security […]
Application security, Security
August 28, 2023
Via: The Hacker NewsCyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. This is why regular testing […]
Application security, Security
August 21, 2023
Via: The Hacker NewsFrom a user’s perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you’re seeking. Unfortunately, few users understand the implications of […]
Application security, Security
August 18, 2023
Via: The Hacker NewsGoogle has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release […]
Application security, Security
August 4, 2023
Via: The Hacker NewsA four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. “In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted […]
Application security, Security
August 4, 2023
Via: Dark ReadingWhen Fortanix launched in 2016, the company made a decision: It would commit to the one-year-old Rust’s programming language to benefit from its security strengths and performance. Seven years later, Fortanix’s commitment to Rust has proved to be a success. […]
Application security, Security
July 28, 2023
Via: The Hacker NewsCybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific […]
Application security, Security
July 28, 2023
Via: The Hacker NewsUsers of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an “extremely severe” flaw that could result in pre-authenticated remote code execution on affected installations. […]
Application security, Security
July 24, 2023
Via: The Hacker NewsThe healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven’t changed in 2023. The U.S. Government’s Office for Civil Rights reported 145 data breaches in the […]
Application security, Security
July 20, 2023
Via: The Hacker NewsMultiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. “Attackers can bring the application into […]
Application security, Security
July 17, 2023
Via: Dark ReadingA human rights organization was alerted by Microsoft that it was compromised as part of a July email breach attributed to Storm-0558, but the organization couldn’t find any evidence of compromise in their logs. Why? It didn’t pay Microsoft a […]
Application security, Security
July 11, 2023
Via: The Hacker NewsApple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw that it said has been actively exploited in the wild. The WebKit bug, cataloged as CVE-2023-37450, could allow threat actors […]
Application security, Security
July 10, 2023
Via: The Hacker NewsBrick-and-mortar retailers and e-commerce sellers may be locked in a fierce battle for market share, but one area both can agree on is the need to secure their SaaS stack. From communications tools to order management and fulfillment systems, much […]
Application security, Security
July 10, 2023
Via: The Hacker NewsMozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains. “We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run […]
Application security, Security
July 5, 2023
Via: The Hacker NewsThe npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. “A npm package’s […]
Application security, Security
June 30, 2023
Via: Help Net SecurityNokod Security announced its $8 million seed round, which will be used to establish a presence in the United States market, as well as to expand the R&D teams and support novel research of security vulnerabilities in the low-code/no-code domain. […]
Application security, Security
June 30, 2023
Via: Help Net SecurityTotal Assure announced its spinout from IBSS. Total Assure partners with its customers to identify security gaps, develop attainable cybersecurity objectives, and deliver comprehensive cybersecurity solutions that protect their businesses from modern cybersecurity threats. On account of the cybersecurity talent […]