State-sponsored groups in China appear to be targeting India’s power supply by dropping malware into systems, according to online digital threat analysis company Recorded Future. The Indian government says it has taken steps to mitigate the risks.
Prolific Ryuk ransomware has a new trick up its sleeve. "A Ryuk sample with worm-like capabilities - allowing it to spread automatically within networks it infects" was recently discovered during an incident response effort, warns CERT-FR, the French government's computer emergency response team.
A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.
Integrating application security into your software development process is critical, but figuring out where to start can be confusing. Downloading Gartner’s Magic Quadrant for Application Security Testing (AST) is a smart place to start.
By reading the report, you’ll learn:
Why modern application...
Penetration testing. Bleeding-edge technology solutions. A huge budget. Are these enterprise cybersecurity essentials … or could you ignore them and still have a comprehensive and effective cyber defense?
We all know that cybersecurity is an increasingly important part of our business life, and that it requires...
The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.
High-speed identity screening can play a critical role in cracking down on fraud tied to COVID-19 economic relief efforts without impeding legitimate access to funds, says Dr. Gary Shiffman, CEO of Giant Oak, which offers artificial intelligence technology.
The Python Software Foundation is issuing updates for Python 3.9.2 and 3.8.8 to address critical security vulnerabilities, including a remote code execution vulnerability that can be exploited to shut down systems.
Are you protected from these common AppSec risks?
A single weak point in a line
of code can create an open
door for attackers.
The cost of an average
breach is $3,920,000.
Nearly 80% of apps contain
at least one critical or high
Attacks targeting the application layer are on the rise.
Standards and legislation provide incomplete security coverage:
61% of applications had at least one Critical and High Issue NOT covered by OWASP Top 10.
This up 12% YOY, from 49% to 61%.
Open source code has blind spots:
Among the top movers in...
Are Your Applications Secure?
Turn on the news today, and you’ll see how hacks and other cyber threats are wreaking havoc on
businesses across the globe. And, while software security is becoming a higher priority, for many
businesses it’s still an afterthought for most - one-quarter of respondents report their...
A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.