Top

Category: Application security


Application security, Security

API sprawl: navigating the web of connectivity and security challenges

March 11, 2024

Via: TechRadar

In today’s fast evolving digital space, the proliferation of application programming interfaces (APIs) has been nothing short of explosive. One forecast predicts there will be nearly 1.7 billion active APIs by 2030 which ushers in unparalleled opportunities for innovation and […]


Application security, Security

Apple Strengthens iMessage Security with Post-Quantum Encryption

February 22, 2024

Via: SecureWorld

Apple announced this week that it is implementing post-quantum cryptography in its iMessage platform to protect against potential future attacks powered by quantum computers. The new encryption protocol, called PQ3, will roll out later this year. According to an Apple […]


Application security, Security

OpenAI, Microsoft Disrupt Nation-State Actors’ Malicious Use of AI

February 20, 2024

Via: SecureWorld

OpenAI and Microsoft recently collaborated to identify and disrupt several nation-state actors who were attempting to use AI services for malicious cyber activities. According to Microsoft, the disrupted threat actors were affiliated with China, Iran, North Korea, and Russia. Their […]


Application security, Security

Mitigating AI security risks

February 15, 2024

Via: The Register

It has become possible to swiftly and inexpensively train, validate and deploy AI models and applications, yet while we embrace innovation, are we aware of the security risks? Because it’s not just the good guys who use AI – bad […]


Application security, Security

Rust can help make software secure – but it’s no cure-all

February 8, 2024

Via: The Register

Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with the majority of vulnerabilities that actually get exploited. So while coding with Rust can help reduce memory safety vulnerabilities, it won’t fix […]


Application security, Security

Managing the hidden risks of shadow APIs

February 2, 2024

Via: The Register

Application programming interfaces (APIs) play a significant role in today’s digital economy, but at the same time they can also represent a data security vulnerability. While APIs serve as building blocks to modern app development, their proliferation and sprawl have […]


Application security, Security

Beware, all Windows and Mac devices possibly at risk – dangerous Opera security flaw could have allowed hackers to run any file they want

January 16, 2024

Via: TechRadar

Opera, a popular Chromium-based browser, was found carrying a vulnerability that would allow hackers to install pretty much any file on both Windows and macOS operating systems. The vulnerability was discovered by cybersecurity researchers from Guardio Labs, who notified the […]


Application security, Security

Facebook, Instagram now mine web links you visit to fuel targeted ads

January 8, 2024

Via: The Register

We gather everyone’s still easing themselves into the New Year. Deleting screens of unread emails, putting on a brave face in meetings, and slowly getting up to speed. While you’re recovering from the Christmas break, Meta has been busy introducing […]


Application security, Security

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

January 8, 2024

Via: SecureWorld

In a bold move that promises to redefine the way users interact with their computers, Microsoft has announced the integration of a dedicated Copilot button on the keyboards of its Windows PCs. This innovative step signifies a major leap forward […]


Application security, Security

Mozilla decides Trusted Types is a worthy security feature

December 21, 2023

Via: The Register

Mozilla last week revised its position on a web security technology called Trusted Types, which it has decided to implement in its Firefox browser. By so doing, the browser biz will help reduce a longstanding form of web attack that […]


Application security, Security

To BCC or not to BCC – that is the question data watchdog wants answered

December 15, 2023

Via: The Register

A data regulator has reminded companies they need to take care while writing emails to avoid unintentionally blurting out personal data. Unsurprisingly, much of the UK’s Information Commissioner’s Office (ICO) guidance comes down to the correct use of address fields […]


Application security, Security

ArmorCode raises $40 million to help companies ship secure software

December 4, 2023

Via: Help Net Security

ArmorCode announced it closed a pre-emptive $40 million Series B round to advance its mission of helping companies ship secure software fast and at scale. Premier venture firm HighlandX led the round, joined by NGP Capital, along with participation from […]


Application security, Security

Brit borough council apologizes for telling website users to disable HTTPS

November 29, 2023

Via: The Register

Reading Borough Council has securely restored its planning portal after facing criticism for recommending questionable tech security practices to users. Before the fixed version went live this morning, the English local authority’s online planning application portal had been offline due […]


Application security, Security

Helping companies defend what attackers want most – their data

November 28, 2023

Via: The Register

Athena AI, the new generative AI layer that spans across the entire Varonis Data Security Platform, redefines how security teams protect data – from visibility to action. Using natural language, customers can conduct in-depth investigations and analysis more efficiently, transforming […]


Application security, Security

Faults in Our Security: 6 Common Misconceptions in Cybersecurity

November 28, 2023

Via: SecureWorld

In the ever-evolving landscape of computer security, many innovations flood the market, each boasting its efficacy. As a regular attendee of security conferences and contributor to security books, it’s evident to me that the field remains a hot topic. However, […]


Application security, Security

OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more!

November 27, 2023

Via: Help Net Security

OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL 3.2.0 This release incorporates the following potentially significant or incompatible changes: The default SSL/TLS security level […]


Application security, Security

Sophos XDR: Extending Sophos Endpoint protection with threat detection and response

November 20, 2023

Via: Naked Security

With Sophos XDR (Extended Detection and Response), Sophos Endpoint customers can extend their defenses against sophisticated human-led attacks. It gives you the tools to detect and respond to suspicious activity on your Sophos-protected endpoints and your wider environment before active […]


Application security, Security

CISA Roadmap for AI Unlocks Its Potential in Cybersecurity

November 16, 2023

Via: SecureWorld

In a significant move to harness the power of artificial intelligence (AI) for enhanced cybersecurity, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its “2023-2024 CISA Roadmap for Artificial Intelligence.” The comprehensive plan, released this month, outlines CISA’s […]


Application security, Security

Cybercrooks amp up attacks via macro-enabled XLL files

November 1, 2023

Via: The Register

Cybercriminals are once again abusing macro-enabled Excel add-in (XLL) files in malware attacks at a vastly increased rate, according to new research. HP Wolf Security revealed that .xlam files are now the seventh most commonly abused file extension in Q3 […]


Application security, Security

Scammers use India’s real-time payment system to siphon off money, send it to China

October 24, 2023

Via: The Register

China-based scammers are using a combination of fake loan apps and India’s real-time mobile payment system, Unified Payments Interface (UPI), to separate victims from their cash, according to a report by threat intel firm CloudSEK. “UPI service providers currently operate […]