Application Security

Backdoor in XZ Utils That Almost Happened

Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s ...

Watch This? Patch This! LG Fixes Smart TV Vulns

4×CVE=RCE or Merely CE? Update your LG TV now, or let hackers root it. But is Bitdefender overhyping the issue? ...
Security Boulevard

Navigating SAP Security Notes: April 2024 Patch Tuesday

SAP published ten new and two updated Security Notes for April 2024 Patch Tuesday. Compared to March’s SAP Security Patch Day release, this month’s release contains the same number of patches. However, ...

Federal Support for Open-Source Security

In an unexpected move, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced an initiative aimed at bolstering the security posture of open-source software developers. This initiative, as reported by Axios, ...

Here Comes the US GDPR: APRA, the American Privacy Rights Act

Enter the lobbyists: A draft federal privacy act has Washington DC buzzing. But it’s just a bill—and it’s a long, long journey before it becomes a law ...

Exploiting limited markup features on web applications

Limited features. Big vulnerabilities? Web applications might seem straightforward, but stripped-down code can create hidden weaknesses. Web applications that support limited markup in fields, such as comments, utilize a simplified... The post ...

Salt Security Applies Generative AI to API Security

Salt Security claims Pepper can decrease the time it takes to surface actionable security-related information by as much as 91% ...

Ghostwriter v4.1: The Custom Fields Update

Let’s dive into what makes this so exciting! There’s so much to cover that we won’t be offended if you want to look at the CHANGELOG for a quick synopsis. Introducing Customizable Fields. Over ...

Data-Centric Cybersecurity for SAP: Protecting Against External Threats

Migrating to the cloud and keeping pace with technological advancements are exciting, but they also expand your attack surface. Among the most coveted targets for cybercriminals are critical business systems like SAP, ...