Application Security Archives

SECURITYWEEK NETWORK:

Security Experts:

Hi, what are you looking for?

Application Security

PayPal Warns Users of Credential Stuffing Attacks

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Ionut ArghireJanuary 20, 2023

Application Security

Drupal Patches Vulnerabilities Leading to Information Disclosure

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Ionut ArghireJanuary 20, 2023

Application Security

Chainguard Trains Spotlight on SBOM Quality Problem

A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.

Ryan NaraineJanuary 19, 2023

Application Security

CSRF Vulnerability in Kudu SCM Allowed Code Execution in Azure Services

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Ionut ArghireJanuary 19, 2023

Application Security

Credential Leakage Fueling Rise in API Breaches

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Kevin TownsendJanuary 19, 2023

Application Security

Vendors Actively Bypass Security Patch for Year-Old Magento Vulnerability

Vendors and agencies are bypassing a security patch that Adobe released in February 2022 to address CVE-2022-24086.

Ionut ArghireJanuary 18, 2023

Application Security

Website of Canadian Liquor Distributor LCBO Infected With Web Skimmer

Canadian liquor distributor Liquor Control Board of Ontario said a web skimmer injected into its online store was used to steal data.

Ionut ArghireJanuary 16, 2023

Application Security

Tesla Returns as Pwn2Own Hacker Takeover Target

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Ryan NaraineJanuary 12, 2023

Application Security

Investors Bet Big on Subscription-Based Security Skills Training

Hack The Box Raises $55 Million in Funding Round Led by Carlyle

Ryan NaraineJanuary 11, 2023

Application Security

Microsoft Patch Tuesday: 97 Windows Vulns, 1 Exploited Zero-Day

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...

Ryan NaraineJanuary 10, 2023

Application Security

Adobe Plugs Security Holes in Acrobat, Reader Software

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...

Ryan NaraineJanuary 10, 2023

Application Security

Zoom Patches High Risk Flaws on Windows, MacOS Platforms

Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.The vulnerabilities, in...

Ryan NaraineJanuary 10, 2023