AppSec

Better Prioritization and Network Clarity Can Close the Gap Between Application Security and Speed

Kyle Wickert | November 25, 2024 | Application Security, network connectivity

A strategic approach to achieving speed without sacrificing protection requires a deliberate focus on application connectivity ...

Security Boulevard

web applications, web app, cyberthreats, vulnerable, vulnerabilities, web app attacks, SaaS, SaaS app security, cybersecurity SaaS extension

7 Common Web App Security Vulnerabilities Explained

Guarav Belani | November 19, 2024 | waf cyber security, web app security

Web applications have increasingly become the backbone of many businesses, but also, unfortunately, major targets for cyberthreats ...

Security Boulevard

Apple Enrages IT — 45-Day Cert Expiration Fury

Richi Jennings | October 16, 2024 | 90-day certificates, 90-day TLS certificate validity, Apple, Apple Safari, browser, Browser Security, CA/B Forum, CA/Browser Forum, CAB Forum, certificate, Certificate and Key Lifecycle Management, Certificate and Key Management, Certificate Automation, mobile safari, Safari, SB Blogwatch, Sectigo

CA/B testing: Ludicrous proposal draws ire from “furious” systems administrators ...

Security Boulevard

The famous “distracted boyfriend” meme: A man is walking with his girlfriend but looks backwards at another woman, to the disgust of his girlfriend

(In)Fidelity Admits Data Breach 8 Weeks Ago — 77K PII Lost

FMR FAIL: Huge investment firm won’t say how it was hacked ...

Security Boulevard

Biggest Ever DDoS is Threat to OT Critical Infrastructure

Egyptian River Floods: Operational technology (OT) targeted in “world record” 3.8 Tb/s distributed denial of service (DDoS) ...

Security Boulevard

Kia’s Huge Security Hole: FIXED (Finally)

Richi Jennings | September 30, 2024 | Car Dealer, connected car security, Connected Cars, connected vehicle, Connected Vehicles, connected-car, Consumer IoT, Internet of things, Internet of Things (IoT), Internet of Things (IoT) Security, Internet of Things cyber security, iot, Kia, Korea, SB Blogwatch, South Korea, southkorea

Connected cars considered crud: Kia promises bug never exploited. But even 10-year-old cars were vulnerable ...

Security Boulevard

zero-trust, be, ZTA, architecture, security, Permiso, applications, zero-trust, ML, AI, zero-trust, access, zero-trust, PAM, zero-trust, ZTNA, migrating, backup data, zero-trust, security, zero-trust, business, policy container zero-trust ZTNA

Permiso Launches Universal Identity Graph to Advance Zero-Trust IT

Michael Vizard | September 19, 2024 | applications, IT, zero trust

Permiso today added a Universal Identity Graph engine that makes it simpler for cybersecurity teams to visually map the relationship between individuals, applications and systems to better enforce zero-trust IT policies ...

Security Boulevard

E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it

Richi Jennings | September 18, 2024 | android, Apple, Apple iOS, Apple iPhone, china, E2EE, end-to-end, end-to-end encryption, google, Great Firewall of China, GSMA, iChat, imessage, ios, iOS 18, iPhone, iphone security, MLS, RCS, RCS protocol, SB Blogwatch, SMS, SMS messages

No More Barf-Green Bubbles? GSM Association is “excited” to bring Apple and Google closer together, but encryption is still lacking ...

Security Boulevard

Russian ‘WhisperGate’ Hacks: 5 More Indicted

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion ...

Security Boulevard

China Cyberwar Coming? Versa’s Vice: Volt Typhoon’s Target

Richi Jennings | August 28, 2024 | CenturyLink, china, china espionage, China-linked Hackers, China-nexus cyber attacks, China-nexus cyber espionage, CVE-2024-39717, Lumen, Lumen Technologies, Peoples Republic of China, SB Blogwatch, Versa Director, Versa Neworks, VersaMem, Volt Typhoon

Xi whiz: Versa Networks criticized for swerving the blame ...

Security Boulevard

AppSec

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On