Application Security News and Articles


FireTail at Black Hat USA 2025: Finalist in the Startup Spotlight – FireTail Blog

Aug 18, 2025 - Lina Romero - FireTail was one of just four finalists competing at Black Hat’s Startup Spotlight this year. FireTail was one of four startups selected as a ...

Blackhat 2025 – Test AI before you trust

At Blackhat, there wasn’t a space of 10 feet not festooned with vapid promises of AI curing – basically everything in security. During an AI summit here, multiple tens of would-be AI security contenders, sometimes with little else but a PhD ...

Workday Confirms Data Breach Tied to Salesforce Attacks

A New Corporate Victim in a Broader CRM Exploitation Campaign Workday, one of the world’s leading human capital management (HCM) software providers, has confirmed it was impacted in a recent string of coordinated cyberattacks targeting ...

Why the Email Security Battle Feels Lost (At Least for Now)

Despite better tools and growing awareness, phishing and impersonation attacks remain rampant. The post Why the Email Security Battle Feels Lost (At Least for Now) appeared first on Security Boulevard.

Securing Non-Human Identities and Workloads in the Generative-AI Era — TrustFour’s Role

Generative-AI systems are a dense web of non-human identities (NHIs)—APIs, services, agents, schedulers, model endpoints, data pipelines—talking to each other over Transport Layer Security (TLS). Attackers now target these NHIs to move ...

How to Stay Relaxed in a World of Increasing Cyber Threats

Is There a Simple Way to Stay Calm in the Face of Rising Cyber Threats? It’s no secret that cyber threats are increasing at an alarming pace. From financial services and healthcare to travel and development operations, we all grapple with the ...

Driving Innovation with Secure Cloud-Native Identities

The Importance of Secure Cloud-Native Identities Why is the management of Non-Human Identities (NHIs) and their associated secrets paramount to driving innovation while ensuring security? The answer lies in the need for high-level control and ...

BSidesSF 2025: Inside The Information Stealer Ecosystem: From Compromise To Countermeasure

Creator, Author and Presenter: Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at ...

Operation Secure Saint Paul: Interlock Ransomware Hits City with 43GB Data Leak

Have you heard about Operation Secure Saint Paul? The city of St. Paul, Minnesota, has confirmed the July 25 cyberattack was a ransomware assault carried out by the group Interlock. The hackers claim they posted 43 gigabytes of stolen city data ...

QUIC-LEAK (CVE-2025-54939): New High-Risk Pre-Handshake Remote Denial of Service in LSQUIC QUIC Implementation

Imperva Offensive team discovered that threat actors could smuggle malformed packets to exhaust memory and crash QUIC servers even before a connection handshake is established, therefore bypassing QUIC connection-level safeguards. Executive ...

Randall Munroe’s XKCD ‘Grounded’

via the cosmic humor & dry-as-the-desert wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Grounded’ appeared first on Security Boulevard.

Intrusion Detection and Prevention

In today’s hyper-connected digital world, businesses of all sizes face relentless cyber threats. From ransomware and phishing campaigns to advanced persistent threats (APTs) and insider risks, attackers are becoming increasingly sophisticated ...

Novel 5G Attack Bypasses Need for Malicious Base Station

Researchers detailed a new 5G attack named Sni5Gect that can allow attackers to sniff traffic and cause disruption. The post Novel 5G Attack Bypasses Need for Malicious Base Station appeared first on SecurityWeek.

Workday Latest Company Hit by Third-Party CRM Platform Breach

Workday, a high-profile HR and finance software solutions maker, is the latest victim of a string of data breaches orchestrated by the resurgent ShinyHunters threat group through Salesforce's CRM solution, joining a lineup of targets that ...

The AI Memory Wars: Why One System Crushed the Competition (And It’s Not OpenAI)

Most AI agents forget everything very soon. I benchmarked OpenAI Memory, LangMem, MemGPT, and Mem0 in real production environments. One system delivered 26% better accuracy and 91% faster performance. Here's which memory solution actually works ...

BSidesSF 2025: 15 Years Of BSidesSF: Behind The Scenes AMA

Creators, Authors and Presenters: Reed Loden, Ricky, Steve Sekiguchi, Tania McClain, Meghan Manfre Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content ...

New NIST guide explains how to detect morphed images

Face morphing software can blend two people’s photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure places. These morphed images can trick face recognition systems into ...

DataDome Releases Edgee Server-Side Integration

Our new Edgee Integration is the latest in a range of 50+ integrations that ensure DataDome stops fraud on any infrastructure. The post DataDome Releases Edgee Server-Side Integration appeared first on Security Boulevard.

Noodlophile infostealer is hiding behind fake copyright and PI infringement notices

Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property infringement, Morphisec researchers have warned. The campaign The emails, ...

What is a Qualified Electronic Signature (QES)?

A Qualified Electronic Signature (QES) is the most secure and legally binding form of e-signature under EU eIDAS regulations. Unlike simple or advanced e-signatures, QES requires strict identity verification, qualified certificates, and trusted ...