It’s Time to Stop Waiting for Application Security to Find You

If software is the gooey center of the business world, what can we do to harden it? As a CISO, business manager, industry… The post It’s Time to Stop Waiting for Application ...
Hackers Use VPN Impersonation in Phishing Emails to Steal Office 365 Credentials

Hackers Use VPN Impersonation in Phishing Emails to Steal Office 365 Credentials

A phishing attack is using VPN impersonation to trick people into revealing their Microsoft Office 365 credentials. With so many people working from home, VPN use has increased considerably. Most companies rely ...

What Does Successful Vulnerability Discovery Look Like?

If you’re developing software, you need quality assurance (QA) and you need a way to manage vulnerability discovery.… The post What Does Successful Vulnerability Discovery Look Like? appeared first on ZeroNorth ...
How to overcome the top 6 application security challenges

How to overcome the top 6 application security challenges

Take a closer look at the most common application security challenges and how managed services can help you overcome them proactively and cost-effectively. The post How to overcome the top 6 application ...

Using a Software Bill of Materials (SBOM) is Going Mainstream

I read a couple of advisories by Caleb Queern of KPMG entitled, What Are SBOMs?, and, Which Teams In My Organization Can Help Reduce Risk Using SBOM’s? These articles bring a smile ...
Phishers Use Fake VPN Config Notification to Target Office 365 Details

Phishers Use Fake VPN Config Notification to Target Office 365 Details

Security researchers observed phishers leveraging a fake VPN configuration notification to target employees’ Office 365 credentials. Abnormal Security found that the campaign attempted to capitalize on the trend of organizations implementing VPNs ...
Joomla Open-Source CMS Affected by Data-Breach

Joomla Open-Source CMS Affected by Data-Breach

A data breach affecting Joomla, the popular open-source content management system (CMS), was announced by its developers from Open Source Matters. While some data breaches take place when bad actors use vulnerabilities ...

DevOps Assurance with OWASP SAMM

Today we’re going to discuss OWASP. More specifically, we’ll focus on SAMM and how it pairs with DevOps ...

Hybrid DDoS Protection is Like a Faulty Airbag

We know that some businesses are the target of constant DDoS attacks, while others face attacks less frequently. If your company falls on the side of less-frequent attacks or having never been ...
Zoom

Zoom’s New Model is Making Heads Hurt

Zoom will be introducing end-to-end encryption. But if you were expecting it in the free tier, think again ...
Security Boulevard