Application Security News and Articles
Insight No. 1 — How to survive without CISA
As CISA scales back, it’s time for enterprises to wake up to a harsh reality: You can’t rely on the government to secure your infrastructure. The safety net is shrinking, and those still waiting ...
The First Loophole: Insecure Coding
A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild.
The post Vulnerability in OttoKit WordPress Plugin Exploited in the Wild appeared first on SecurityWeek.
Noteworthy stories that might have slipped under the radar: Scattered Spider still active despite arrests, hacker known as EncryptHub unmasked, Rydox admins extradited to US.
The post In Other News: Scattered Spider Still Active, EncryptHub ...
The ROI of Vulnerability Management comes down to the metrics—these might sound boring, but they are the magic numbers that decide whether security spending should be considered a cost or...
The post How to Prove the ROI of Your Vulnerability ...
Today, in the age of quantum threats, AI and sophisticated digital manipulations, the question is: where does the human factor end, and where does technology begin? This reality, primarily in the context of cybersecurity, will be discussed at the ...
SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug.
The post SonicWall Patches High-Severity Vulnerability in NetExtender appeared first on SecurityWeek.
Seceon, a leading MSSP (Managed Security Service Provider) cybersecurity platform company, steps up to this challenge by offering a next-generation platform that goes far beyond traditional security approaches. Seceon provides an advanced MSSP ...
Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach.
The post 1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative appeared first on SecurityWeek.
At the start of this year, IRONSCALES launched an integration with CrowdStrike Falcon® Next-Gen SIEM, delivering enhanced threat visibility, detection, and correlation to help organizations combat phishing and account takeover (ATO) threats. ...
In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure.
The post China Admitted to US That It Conducted Volt Typhoon Attacks: Report appeared first on SecurityWeek.
Very few people in the cybersecurity industry do not know, or know of, Bryson Bort. Yes, he’s the CEO/Founder of SCYTHE, but he’s also the co-founder of ICS Village (the next one at RSA Conference from April 28 to May 1, 2025). This event, ...
Overview: On April 9, NSFOCUS CERT detected that Microsoft released a security update patch for April, fixing 126 security problems in widely used products such as Windows, Microsoft Office, Azure, Microsoft Edge for iOS, Microsoft Visual Studio, ...
KELA unveiled Digital Cyber Analysts, next-generation AI-powered digital employees designed to transform how security teams consume, prioritize, and act on threat intelligence. These always-on, interactive agents enhance the speed and efficiency ...
Authentication and authorization, while distinct, work in concert to create secure and usable applications. Authentication ensures that users are who they claim to be, while authorization ensures they can only access what they're permitted to see ...
In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets. From a threat modeling ...
Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average ...
Remote work is seen as more than a temporary solution; it’s a long-term strategy for many organizations. Remote work cybersecurity challenges. Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t have the ...
2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices for ...
Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security. Jit launches AI agents to ease AppSec workload: Jit has launched its new AI agents to ...