Application Security

HeadCrab Malware Threatens Redis Servers

TheCISO - February 5, 2023

A new type of malware, dubbed "HeadCrab", has been discovered by Nitzan Yaakov and Asaf Eitani, researchers at Aqua Security. It is designed to...

Vulnerabilities

Critical Vulnerability Discovered in Jira Service Management Server and Data Center

TheCISO - February 4, 2023

A critical security vulnerability has been discovered in Jira Service Management Server and Data Center, which has been assigned the CVE identifier CVE-2023-22501 and...

Application Security

Zero-Day Vulnerability Found in Fortra’s GoAnywhere MFT

TheCISO - February 4, 2023

A dangerous zero-day vulnerability has been discovered in Fortra's GoAnywhere Managed File Transfer (MFT) application and is currently being actively exploited. Security reporter Brian...

Application Security

Apple Announces New Security Features

TheCISO - December 11, 2022

Apple has announced the introduction of three new advanced security features focused on protecting against threats to user data in the cloud. “At Apple, we...

News

Half of Twitter’s Workers Have Access to Its Code And User Confidential Data

TheCISO - August 24, 2022

Twitter's former head of security accused the social media company and its executives of “extensive legal violations.” Peiter Zatko, Twitter’s head of security who was...

Articles

Three New Web Application Security Risks Climb Up The OWASP Top 10

Dimitris Gkoutzamanis - April 22, 2022

OWASP Top 10 is a standard awareness document which represent a consensus about the most critical security risks to web applications. For the year 2021,...

Articles

How to Secure Your Microservices

Dimitris Gkoutzamanis - March 3, 2022

Compared to monolithic applications, which house all code in a single system, microservices are small, autonomous units that address individual functions and work with...

Application Security

Google Cloud Gets Virtual Machine Threat Detection to Help Detect Crypto Mining

Dimitris Gkoutzamanis - February 9, 2022

Google announced the public preview of a tool which helps identify threats within virtual machines running on its Google Cloud infrastructure. VMTD to Help Identify...

Vulnerabilities

13 Known Exploited Vulnerabilities Added to CISA Catalog

Dimitris Gkoutzamanis - January 23, 2022

CISA has added 13 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed...

Application Security

What are Dependency Confusion Attacks?

TheCISO - January 14, 2022

A dependency confusion attack (or supply chain attack) occurs when a software installer script is tricked into pulling malicious code file from a public...

News

Huge Increase of WordPress Vulnerabilities in 2021

Dimitris Gkoutzamanis - January 13, 2022

Riskbased Security researchers revealed a huge increase of WordPress vulnerabilities in 2021 in their latest research. 10,359 vulnerabilities were reported to affect third-party WordPress...

News

Patch Microsoft Critical Flaw Now

TheCISO - January 13, 2022

Latest Microsoft security updates address a new critical flaw CVE-2022-21907 in the HTTP protocol stack which could potentially lead to remote code execution. Microsoft...

123 4 Page 2 of 4

Latest

FTI Consulting Study Reveals Significant Communications Gaps Between CISOs and C-Suites Despite Increased Focus on Cybersecurity

April 3, 2024

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Application Security

Latest

FTI Consulting Study Reveals Significant Communications Gaps Between CISOs and C-Suites Despite Increased Focus on Cybersecurity

The “World’s Most Harmful Cyber Crime Group” Taken Down

The Canadian Clampdown on Flipper Zero: A Move Against Auto Theft

CISA Warns on Known Exploited Vulnerability ‘Roundcube’

HPE Hacked by Russian Group Following Microsoft Email Breach

SEC Blames SIM Swapping and Lack of MFA for X Account Hijacking

FCC Expands Data Breach Notification Requirements

CISA’s Pre-Ransomware Alerts Saved Organizations Millions in Damages

Microsoft Executive Emails Hacked by Russian Intelligence Group

Top Impersonated Brands in Phishing

Sophisticated Email Spoofing Attack Results in Multi-Million Dollar Theft from US Health Department

FBI and CISA Issue Warning on AndroxGh0st Malware

Over 178,000 SonicWall Firewalls Vulnerable to Exploits

Ransomware Attacks in 2023: A Startling Surge and the Ongoing Battle

How the LockBit Ransomware Compromised the World’s Largest Financial Institution

Hacker Group Actively Exploiting a Critical Exchange Server Vulnerability

Understanding the Escalating Threat of DoS Attacks: Insights from the ENISA Threat Landscape Report

Okta Security Breach More Serious Than Initially Estimated

Exposed: How Romance Scams Steal Millions in Crypto

Hamas-linked APT Group Targeting Israeli Entities

Menu

Popular Categories