MORE JAVA ATTACKS HIT EXISTING VULNERABILITIES IN MARCH–APRIL
The massive application attacks on SolarWinds and Microsoft Exchange Server in recent months did not slow the activity of cyber criminals. In March and April of this year, for example, social media networks were hit with several high-profile data breaches when the personal profile information of hundreds of millions of ...
A BIGGER SHARE OF VULNERABILITIES WERE SERIOUS IN THE FIRST TWO MONTHS OF THE YEAR
Until recently, the word “Hafnium” most commonly referred to an obscure atomic element—atomic number 72 in the Periodic Table of the Elements. It was named for the city where it was discovered in 1923—Copenhagen, Denmark, whose Latin name is Hafnia. Chemically similar to zirconium, it is used for control rods ...
AS 2020 CLOSED OUT, MORE APPLICATIONS HAD SERIOUS VULNERABILITIES AND ATTACK LIKELIHOOD REMAINED ELEVATED
As we look back on 2020, I think we all would agree that it was a year like no other. What we now know is that for many of the same months we were working from home and experiencing myriad other disruptions in our lives, state-sponsored cyber criminals were moving ...
CONTRAST V.5 BETA RISKSCORE RELEASE HELPS WITH APPSEC PRIORITIZATION CHALLENGES
The massive SolarWinds hack is a stark reminder of the importance of application security, but as most readers of this blog are aware, this event is unique only because of its size. The truth is that attacks on applications are rapidly growing in scale and frequency. Verizon’s latest Data Breach ...
Application Risk From 4 of Top 5 Vulnerability Attack Types Grows, .NET Applications Become Bigger Target for Attacks
Industries across the spectrum are seeing rapid changes in their threat landscape. With the arrival of COVID-19, healthcare companies quickly became top targets for bad actors. The Chief Information Security Officer (CISO) of Johnson and Johnson recently indicated the company has seen a 30% increase in attack volume, including cyber ...
Application Security Risks Remain Elevated
Highlights From Contrast Security's Bimonthly Application Security Intelligence Report: The saying that “every company is a software company” has never been more apropos. With the onset of COVID-19, we have witnessed an acceleration in the digital transformation already taking place. More code is now being written and deployed, at a ...
Application Vulnerabilities Spike, .NET Applications Appear in the Attack Crosshairs
COVID-19 transformed businesses overnight. Suddenly, more than half of the workforce found themselves working from home and most businesses could no longer meet with customers and prospects in person. Those with mature digital strategies had a competitive advantage, while businesses that were late to the digital game have been left ...
Application Risk Is 1.7x Higher for Organizations That Fail to Manage Security Debt
Analyzing data captured from June 2019 to May 2020, Contrast Labs found that applications experienced over 13,000 attacks on average each month over the past year. Serious vulnerabilities plague more than one-quarter of applications and 11% have six or more serious vulnerabilities. And the numbers of vulnerabilities continue to increase: ...
What Vulnerabilities and Attacks Matter? Insights from Contrast Labs’ AppSec Intelligence Report
The threat landscape is constantly evolving, growing in sophistication as well as volume and velocity. This presents serious challenges for organizations of all sizes and industry sectors. Software applications are a top target when it comes to cyberattacks: 62% of data breaches and 39% of incidents occur at the web ...
DECEMBER 2019 AppSec Intelligence Report
This report summarizes Contrast Labs' analysis of real world application attack and vulnerability data from December 2019. By providing continuous insight and detection from inside applications, Contrast can identify and trend the way that attackers pursue applications and combine that with an understanding of if and when applications are vulnerable ...