Application Security
Google today introduced a new bug bounty program to reward security researchers who discover and report vulnerabilities in the company’s open source projects.As part...
Hi, what are you looking for?
SecurityWeek
Application Security
RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.
Application Security
New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023.
Application Security
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
Application Security
Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.
Application Security
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center...
Application Security
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information.
Application Security
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing...
Application Security
Google has officially announced the open sourcing of ‘Paranoid’, a project for identifying well-known weaknesses in cryptographic artifacts.
Application Security
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted...
Application Security
Virtualization technology software giant VMware on Tuesday released patches to fix an important-severity security flaw in the VMware Tools suite of utilities.The vulnerability, tracked...
Application Security
Remote code execution vulnerability fixed in GitLab Community Edition (CE) and Enterprise Edition (EE) updates.
Application Security
Healthcare services provider Novant Health has sent notifications to more than 1.3 million individuals that their protected health information (PHI) might have been inadvertently...
Application Security
The Federal Bureau of Investigation (FBI) has raised an alarm for cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against...
Application Security
TXOne Networks, a joint venture between cybersecurity firm Trend Micro and industrial networking solutions provider Moxa, has banked $70 million in new venture capital...
Application Security
Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.Apple confirmed in-the-wild...
Application Security
Trend Micro’s Zero Day Initiative, a major player in the vulnerability disclosure ecosystem, is ramping up the pressure on software vendors that consistently ship...
Application Security
A team of researchers from various companies has analyzed Electron-based desktop applications and ended up discovering vulnerabilities in several widely used pieces of software.
Application Security
Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts...
Application Security
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas.
Application Security
LAS VEGAS - BLACK HAT USA 2022 - An analysis conducted by two researchers has revealed that some commercial cybersecurity products rely on algorithms...
Application Security
Onions are great for analogies, as are buckets full of stuff from the beach. In this piece, I’d like to take a look at...
Application Security
Microsoft Office has started publishing Office symbols for Windows in an effort to help bug hunters find and report security issues.Symbols are pieces of...
Application Security
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
Ransomware is a major threat to the enterprise. Tools and training help, but survival depends on one thing: your organization’s muscle memory to respond fast and recover stronger.
(Trevin Edgeworth)
Strong security doesn’t just rely on tools—it starts with trust, clarity, and sincerity from the top down.
(Joshua Goldfarb)
The future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk.
(Torsten George)
In a rapidly changing AI environment, CISOs are worried about investing in the wrong solution or simply not investing because they can’t decide what the best option is.
(Marc Solomon)
Adopting a layered defense strategy that includes human-centric tools and updating security components.
(Stu Sjouwerman)