Attackers typically use one of three common techniques to compromise SAP systems at the application layer: pivoting, portal attacks, and database warehousing, according to researchers from application security firm Onapsis.
Analysis of the Naenara Browser, a version of Mozilla Firefox modified by North Korea and bundled into Red Star OS, shows the DPRK may be funneling all traffic through one—or a handful—of public IP addresses.
A security vulnerability identified on AliExpress, the wholesale marketplace owned by the Chinese e-commerce giant Alibaba, could have been exploited by hackers to hijack merchant accounts. A different flaw could have been leveraged to gain access to buyers' details.
Researchers have uncovered several vulnerabilities in the admin panel of InfiniteWP, a free application that allows WordPress website administrators to control multiple installations from a single dashboard.
As SaaS adoption grows, so do the security concerns. But there is so much confusion around SaaS security that many enterprises are focusing on the wrong problems. Here are the three biggest myths when it comes to SaaS security...
While free tools aren’t the answer for every problem, they probably should be a part of your security toolkit. Even better, they can provide an easy way to learn about new security technologies and provide your team with hands-on experience.
When the development cycle moves quickly, it will often bypass security. When rapid development equates to shoehorning security controls in after the fact, we’re left with an approach that has potentially disastrous consequences.