A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
COVID-19 contract-tracing applications that help monitor individuals' possible exposure to those who have tested positive for the virus present a variety of privacy issues that must be addressed, says regulatory attorney Nancy Perkins.
Is the difference between network security and web application security a bit of a puzzle for you? If so, you're not alone.
This topic is now more important than ever because the majority of cyberattacks and data breaches are related to web applications. If you're using the freebie web application scanner bundled...
The lessons of the Mirai botnet's abuse of internet-connected devices four years ago have been taken to heart, says Aaron Guzman of OWASP, which is working with others to improve security benchmarks and testing for connected devices.
Based on real-world scenarios and written by industry experts who have been in the trenches, Secure Beyond Breach is a practical guide that details how to implement a successful micro-segmentation strategy from start to finish.
Download this essential read for all cybersecurity professionals, from security...
Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
Apps are a primary target for hackers. If you don't have tools to help you find and fix application vulnerabilities, you're leaving yourself exposed.
But what tools do you need? There's a wide array of application security tools on the market to help you address security risks, and it can be hard to sort out which...
The collaboration enabled by Office 365 through file sharing and online services can streamline processes and give your company a competitive advantage and result in faster time to market. But how can people collaborate effectively if their apps are slow to respond, or their video quality is poor, or their connections...
Vulnerabilities due to "coding errors" in a number of mobile banking applications make them all too susceptible to hacking and customer account data theft, the security firm Positive Technologies warns.
Third-party risk management (TPRM) is more important now than ever. The practice extends far beyond "checking the box" for compliance. And while compliance is a critical component, recent market turbulence has organizations prioritizing business continuity, financial due diligence, and business resilience. How can you...
Microsoft's Azure Security Center has detected a new hacking campaign that for the first time specifically targets the Kubeflow platform on Kubernetes and uses XMRig cryptominer to mine for monero across multiple clusters.
Researchers at MIT and the University of Michigan have uncovered multiple security flaws in the online voting platform OmniBallot which could allow hackers to access and manipulate voter data. The platform is currently in use in three states for military personnel and disabled residents.
To remain competitive in an environment where data breaches are getting more common, focusing on application security can be a competitive advantage for you.
Download this guide on Application Security to learn:
The key factors involved in having a strong application security posture
What business leaders need...
A bipartisan group of lawmakers sent a letter to Juniper Networks seeking a more detailed explanation into a 2015 incident when an NSA-created algorithm - that may have included a backdoor - appeared in a company product that would have allowed VPN traffic to be decrypted.
Carnegie Mellon University Software Engineering Institute's CERT notification center has posted a warning of a flaw in the Universal Plug and Play protocol that could potentially affect billions of internet-connected devices. If exploited, this flaw could lead to DDoS attacks and theft of data.