Hot Topics

Application Security

Application Security

cloud file service

AI Helps Security Teams, But Boosts Threats 

| | AI, application containers, career, cyberedge group, industrial control systems, mobile devices, Ransomware, research
Industrial control systems, application containers, and mobile devices are the top contenders on this year's list of the most difficult assets to secure ...
Security Boulevard

Five Key Takeaways from the 2024 Imperva Bad Bot Report

| | advanced bot protection, Application Security, bad bots, Bots, Consumer Security, imperva
Bad bots continue to affect consumers and organizations across all sectors. For over eleven years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad bots. We’ve published ...
Blog

Linux Backdoor Infection Scare, Massive Social Security Number Heist

| | backdoor, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, government, Government Contractor, Hacking, Information Security, Infosec, Linux, open source, pii, Podcast, Podcasts, Privacy, security, sensitive data, Social Security Numbers, technology, Weekly Edition, XZ Utils
In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained ...
Shared Security Podcast
Seal of the Cybersecurity & Infrastructure Security Agency

Sisense Hacked: CISA Warns Customers at Risk

| | Amazon Web Services (AWS), aws, AWS access keys, AWS bucket, cisa, CISA Advisories, CISA Advisory, CISA Alert, CISA warning, CISA.gov, depth, NSA/CISA, Sangram Dash, SB Blogwatch, Sisense
A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” ...
Security Boulevard
Are custom security tests a product security superpower? ⎜Keshav Malik (LinkedIn)

Are custom security tests a product security superpower? ⎜Keshav Malik (LinkedIn)

| | API security, Application Security, Custom Security Tests, Product Security
Learn from our interview with Keshav how to better write your custom security tests and why they're necessary for your Product Security Program ...
Escape - The API Security Blog
How to secure cloud-native applications

How to secure cloud-native applications

| | Application Security, Cloud Security, Cloud-native applications security
This article is based on the Elephant in AppSec podcast episode with Mihir Shah, a Senior Staff Application Security Engineer at ForgeRock, and the author of the Cloud Native Software Security Handbook ...
Escape - The API Security Blog
How to Address API Sprawl: The Challenges and Opportunities of API Governance

The challenges and opportunities of API governance

| | API discovery, API governance, API management, API security, API sprawl, Application Security
Learn more about the concept of API sprawl, its implications, and the challenges and importance of API governance ...
Escape - The API Security Blog

Unlocking the Power of Data-Centric SAP Security: A Look at Pathlock CAC Through Kuppinger Cole’s Lens

| | Access Governance, Application Security, Vulnerability Management
Last month, Kuppinger Cole, a globally recognized analyst organization, took a closer look at Pathlock’s Cybersecurity Application Controls (CAC) product in a detailed Executive View report. Known for their impartial and thorough ...
Pathlock

CISA SharePoint Vulnerability Warning: RCE Flaw Exploited

| | Attack sequence, Authentication protocols, cisa, Common Vulnerability Scoring System (CVSS), CVE-2023-24955, Cyber Threats, Cybersecurity Measures, Cybersecurity News, Cybersecurity updates, federal agencies, Known Exploited Vulnerabilities (KEV), Microsoft, Network Security, patch management, Proactive defense, Remote Code Execution (RCE), Security Strategies, sharepoint, threat actors, Vulnerability warning
In light of recent cyber threats, a CISA SharePoint vulnerability warning has been issued. According to media reports, threat actors are exploiting the remote code execution flaw to launch arbitrary code, which ...
TuxCare
A person standing in a field, but with a TV for a head

Watch This? Patch This! LG Fixes Smart TV Vulns

| | BitDefender, bitdefender research, Consumer IoT, CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, CVE-2023-6320, iot, LG, SB Blogwatch, Smart TV, Smart TV Security, Smart TV Vulnerability, Smart TVs, The ‘S’ in IoT stands for Security, TV, WebOS
4×CVE=RCE or Merely CE? Update your LG TV now, or let hackers root it. But is Bitdefender overhyping the issue? ...
Security Boulevard
Load more