news | Flaw in Citrix software led to the recent cyberattack on Boeing: Report
Malicious elements, including LockBit 3.0, managed to exploit vulnerabilities in Citrix software even after they were fixed.
By Gagandeep Kaur | 22 Nov 2023 | 3 mins | Vulnerabilities

news | MOVEit carnage continues with over 2600 organizations and 77M people impacted so far
By Gagandeep Kaur | 21 Nov 2023 | 3 mins | Data Breach, Vulnerabilities

news analysis | Intel patches high-severity CPU privilege escalation flaw
By Lucian Constantin | 15 Nov 2023 | 4 mins | Vulnerabilities

news analysis | Cisco patches serious flaws in Firepower and Identity Services Engine
By Lucian Constantin | 06 Nov 2023 | 4 mins | Network Security, Vulnerabilities

feature | 12 notable bug bounty programs launched in 2023
By Michael Hill | 06 Nov 2023 | 12 mins | Hacking, Security Practices, Vulnerabilities

news analysis | HelloKitty ransomware deployed via critical Apache ActiveMQ flaw
By Lucian Constantin | 02 Nov 2023 | 4 mins | Ransomware, Malware, Network Security

news | iLeakage updates Spectre for novel info-stealing side-channel attack
By Shweta Sharma | 31 Oct 2023 | 6 mins | Cyberattacks, Vulnerabilities

news | Failure to verify OAuth tokens enables account takeover on websites
By Lucian Constantin | 27 Oct 2023 | 7 mins | Authentication, Application Security, Security Practices

news | Citrix urges immediate patching of critically vulnerable product lines
By Shweta Sharma | 25 Oct 2023 | 3 mins | Network Security, Vulnerabilities

Articles

feature | Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report
CISA’s recommendations for vendors, developers, and end-users promote a more secure software ecosystem.
By Chris Hughes | 21 Sep 2023 | 8 mins | Zero Trust, Threat and Vulnerability Management, Security Practices

news | Microsoft reveals memory corruption bugs in ‘ncurses’ library
The research reveals that the vulnerabilities can allow attackers to gain unauthorized access to systems and data by modifying a program’s memory.
By Shweta Sharma | 18 Sep 2023 | 3 mins | Vulnerabilities

news analysis | Automotive supply chain vulnerable to attack as cybersecurity regulation looms
Almost two-thirds of automotive industry leaders believe their supply chain is vulnerable to cyberattacks, with many behind the curve on upcoming international regulation.
By Michael Hill | 14 Sep 2023 | 5 mins | Regulation, Automotive Industry, Supply Chain

news analysis | New Kubernetes vulnerability allows privilege escalation in Windows
Attackers can abuse YAML configuration files to execute malicious commands in Windows hosts.
By Lucian Constantin | 13 Sep 2023 | 4 mins | DevSecOps

news analysis | Severe Azure HDInsight flaws highlight dangers of cross-site scripting
Microsoft flagged the now-patched vulnerabilities as important, and they serve as a reminder to implement proper XSS defenses.
By Lucian Constantin | 13 Sep 2023 | 5 mins | Internet Security, Vulnerabilities

feature | Emerging cyber threats in 2023 from AI to quantum to data poisoning
In cybersecurity’s never-ending cat-and-mouse game with hackers and grifters, the threats are always evolving. Here are some of the main attacks experts see as the biggest and baddest on the horizon.
By Mary K. Pratt | 07 Sep 2023 | 10 mins | Advanced Persistent Threats, Hacking, Threat and Vulnerability Management

news | New research reveals most-attacked, most-vulnerable assets
While medical devices are the most susceptible to unpatched CVEs, operational technology assets are the most attacked.
By Michael Hill | 05 Sep 2023 | 4 mins | Critical Infrastructure, Network Security, Vulnerabilities

news | Expect SQL Server failures as Microsoft disables old TLS in Windows
Microsoft has decided to pull back support for Transport Layer Security versions 1.0 and 1.1 in upcoming Windows rollouts.
By Shweta Sharma | 05 Sep 2023 | 3 mins | Windows Security, Vulnerabilities

feature | How attackers exploit QR codes and how to mitigate the risk
Attackers are taking advantage of the increased use of QR codes to steal sensitive information or conduct phishing campaigns. Here's what security teams and employees need to know.
By Bob Violino | 05 Sep 2023 | 8 mins | Mobile Security, Vulnerabilities, Security

news analysis | Chinese hackers deploy new malware to hinder Barracuda ESG remediation efforts
The fast response to mitigation attempts shows a high level of sophistication to extend what is likely a cyberespionage campaign.
By Lucian Constantin | 30 Aug 2023 | 7 mins | Advanced Persistent Threats, Malware, Vulnerabilities

news analysis | Recently patched Juniper firewall flaws allow remote code execution
Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found.
By Lucian Constantin | 29 Aug 2023 | 6 mins | Remote Access Security, Network Security, Vulnerabilities

news | ImmuniWeb releases Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknesses
The automated solution features DAST, SAST, and SCA scanning capacities.
By Michael Hill | 24 Aug 2023 | 3 mins | Mobile Security, Application Security, Vulnerabilities

Resources

whitepaper | The shift to a security approach for the full application stack
This whitepaper discusses how technologists can optimize security for modern application stacks.
By WWT & AppDynamics | 05 May 2023 | Application Performance Management, Emerging Technology, IT Management

Video on demand

video | Printers: The overlooked security threat in your enterprise | TECHtalk
Printers, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online's J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network.
07 Nov 2019 | 20 mins | Hacking, Printers, Vulnerabilities

video | Don't ignore application security | Salted Hash Ep 35
23 Jul 2018 | 18 mins | Application Security, Vulnerabilities, Security

video | The Dyn cyberattack, one year later | Salted Hash Ep 11
11 Dec 2017 | 22 mins | Cybercrime, Internet of Things, Vulnerabilities

Show me more

feature | How a digital design firm navigated its SOC 2 audit
By Alex Levin | 28 Nov 2023 | 11 mins | Certifications, Compliance

news | GE investigates alleged data breach into confidential projects: Report
By Shweta Sharma | 27 Nov 2023 | 3 mins | Data Breach

opinion | A year after ChatGPT’s debut, is GenAI a boon or the bane of the CISO’s existence?
By Christopher Burgess | 27 Nov 2023 | 6 mins | Generative AI, Data and Information Security, Security Practices

podcast | CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison
20 Nov 2023 | 15 mins | CSO and CISO

podcast | CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University
16 Oct 2023 | 15 mins | CSO and CISO

podcast | CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape
10 Oct 2023 | 16 mins | CSO and CISO

video | CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison
20 Nov 2023 | 15 mins | CSO and CISO

video | AI and Cybersecurity: Speed Bumps, Training, and Communication
06 Nov 2023 | 17 mins | Cyberattacks, Generative AI

video | CSO Executive Sessions Australia with Robbie Whittome
16 Oct 2023 | 15 mins | CSO and CISO