Application and platform security
Applications and platform security is the basis of preventing vulnerabilities and attacks. Learn the latest about applications attacks, secure software development, patch management, OS security, virtualization, open source security, API security, web app and server security and more.
Top Stories
-
News
06 Mar 2024
Apple discloses 2 iOS zero-day vulnerabilities
CVE-2024-23225 and CVE-2024-23296, which bypass kernel memory protections, mark the second and third zero-day vulnerabilities that Apple has disclosed and patched this year. Continue Reading
-
News
28 Feb 2024
New Nvidia, GitHub AI coding assistants expand devs' options
GitHub Copilot Enterprise and StarCoder2 LLMs, both released this week, will add to an array of AI coding assistants. But caution, especially with security, is still warranted. Continue Reading
-
News
27 Feb 2024
Ransomware gangs exploiting ConnectWise ScreenConnect flaws
Ransomware activity is ramping up against vulnerable ScreenConnect systems as Black Basta and Bl00dy threat actors were observed exploiting the vulnerabilities. Continue Reading
-
News
23 Feb 2024
GitHub Copilot replicating vulnerabilities, insecure code
Research from Snyk shows that AI assistants such as GitHub Copilot, which offer code completion suggestions, often amplify existing bugs and security issues in a user's codebase. Continue Reading
-
News
22 Feb 2024
ConnectWise ScreenConnect flaws under attack, patch now
Huntress said in a blog post this week that the ConnectWise ScreenConnect flaws, which have come under attack, were 'trivial and embarrassingly easy' for a threat actor to exploit. Continue Reading
-
News
21 Feb 2024
Apple unveils PQ3 post-quantum encryption for iMessage
Apple said its new PQ3 protocol for iMessage is the first of its kind and addresses both future threats from quantum computing as well as "harvest now, decrypt later" attacks. Continue Reading
-
News
15 Feb 2024
Eclypsium: Ivanti firmware has 'plethora' of security issues
In its firmware analysis, Eclypsium found that the Ivanti Pulse Secure appliance used a version of Linux that was more than a decade old and several years past end of life. Continue Reading
-
Definition
15 Feb 2024
firewall as a service (FWaaS)
Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis capabilities to customers as part of an overall cybersecurity program. Continue Reading
-
News
14 Feb 2024
Microsoft, OpenAI warn nation-state hackers are abusing LLMs
Microsoft and OpenAI observed five nation-state threat groups leveraging generative AI and large language models for social engineering, vulnerability research and other tasks. Continue Reading
-
News
13 Feb 2024
February Patch Tuesday corrects two Windows zero-days
Administrators should focus on quickly deploying a critical vulnerability in Microsoft Outlook and exercising caution when applying an Exchange Server 2019 cumulative update. Continue Reading
-
Definition
12 Feb 2024
crisis management plan (CMP)
A crisis management plan (CMP) outlines how an organization should respond to a critical situation that if left unaddressed, could negatively affect its profitability, reputation or ability to operate. Continue Reading
-
News
07 Feb 2024
CISA: Volt Typhoon had access to some U.S. targets for 5 years
A joint cybersecurity advisory expanded on the Volt Typhoon threat Wednesday, confirming attackers maintained prolonged persistent access to critical infrastructure targets. Continue Reading
-
Tip
31 Jan 2024
Top 15 email security best practices for 2024
Attackers exploit email every day to break into corporate networks, but the risk can be reduced by adhering to these 15 email security best practices. Continue Reading
-
Tip
29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
-
News
19 Jan 2024
Chinese threat group exploited VMware vulnerability in 2021
After VMware confirmed that CVE-2023-34048 had been exploited, Mandiant attributed the activity to a China-nexus threat group and revealed that exploitation began in late 2021. Continue Reading
-
News
18 Jan 2024
Chainalysis observes decrease in cryptocurrency crime in 2023
During 2023, Chainalysis tracked a decrease in the total value and volume of illicit cryptocurrency transactions. But it is unclear if the downward trend will continue. Continue Reading
-
News
17 Jan 2024
New zero-days in Citrix NetScaler ADC, Gateway under attack
The new vulnerabilities come four months after a variety of threat actors exploited the 'Citrix Bleed' zero-day flaw in NetScaler ADC and Gateway products. Continue Reading
-
News
16 Jan 2024
Ivanti zero-day flaws under 'widespread' exploitation
Volexity confirmed that multiple threat actors have exploited two critical Ivanti zero-day vulnerabilities, with 1,700 devices compromised so far. Continue Reading
-
News
11 Jan 2024
Ivanti confirms 2 zero-day vulnerabilities are under attack
Volexity reported the vulnerabilities to Ivanti after discovering that suspected Chinese nation-state threat actors created an exploit chain to achieve remote code execution. Continue Reading
-
News
09 Jan 2024
Microsoft starts year with a subdued January Patch Tuesday
For the second month in a row, Microsoft had no zero-days and relatively few vulnerabilities for administrators to address. Continue Reading
-
Definition
09 Jan 2024
sandbox
A sandbox is an isolated testing environment that enables users to run programs or open files without affecting the application, system or platform on which they run. Continue Reading
-
News
27 Dec 2023
Another Barracuda ESG zero-day flaw exploited in the wild
On Christmas Eve, Barracuda disclosed that a China-nexus threat actor had resumed attacks against its Email Security Gateway appliance using a new zero-day vulnerability. Continue Reading
-
News
21 Dec 2023
Cisco Security Cloud adds Isovalent for multi-cloud networks
The commercial backer of open source networking and security projects Cilium and Tetragon comes under Cisco's control for cloud-native network security. Continue Reading
-
Tip
21 Dec 2023
Web fuzzing: Everything you need to know
Web fuzzing provides automated web application testing, which enables security teams to discover vulnerabilities within web apps before attackers do. Continue Reading
-
Definition
21 Dec 2023
Zoombombing
Zoombombing is a type of cyber-harassment in which an unwanted and uninvited user or group of such users interrupts online meetings on the Zoom video conference app. Continue Reading
-
News
18 Dec 2023
Akamai discloses zero-click exploit for Microsoft Outlook
During research into an older Microsoft Outlook privilege escalation vulnerability, Akamai discovered two new flaws that can be chained for a zero-click RCE exploit. Continue Reading
-
Definition
15 Dec 2023
business logic
In programming, business logic is the part of a software program responsible for implementing the business rules that define how data should be created, modified, transformed, communicated and in other ways managed and controlled. Continue Reading
-
News
12 Dec 2023
Microsoft delivers light December Patch Tuesday for admins
IT operations teams should prioritize deploying the Windows cumulative update to dispatch a critical MSHTML bug affecting Microsoft Outlook. Continue Reading
-
Opinion
12 Dec 2023
Application security consolidation remains nuanced
As web application and API protection converge into cloud-based WAAP, Enterprise Strategy Group research shows enterprise interest, but security concerns remain. Continue Reading
-
Definition
12 Dec 2023
cyber attack
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
-
News
05 Dec 2023
Exposed Hugging Face API tokens jeopardized GenAI models
Lasso Security discovered more than 1,600 exposed Hugging Face API tokens provided access to generative AI and large-language models contained in hundreds of repositories. Continue Reading
-
News
04 Dec 2023
Fancy Bear hackers still exploiting Microsoft Exchange flaw
Microsoft and Polish Cyber Command warned enterprises that Russian nation-state hackers are exploiting CVE-2023-23397 to gain privileged access to Exchange email accounts. Continue Reading
-
Feature
01 Dec 2023
TikTok bans explained: Everything you need to know
The United States wants to ban the viral video sharing application TikTok. Continue Reading
-
News
30 Nov 2023
ScamClub spreads fake McAfee alerts to ESPN, AP, CBS sites
Malwarebytes said the malicious affiliate behind the fake virus alerts and other malvertising attacks has been flagged many times over the years, but McAfee has yet to take action. Continue Reading
-
News
29 Nov 2023
Okta: Support system breach affected all customers
Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year. Continue Reading
-
Opinion
20 Nov 2023
Security continues to lag behind cloud app dev cycles
Enterprise Strategy Group research revealed security gaps in cloud-native software development -- issues that should be addressed as soon as possible. Continue Reading
-
Tip
17 Nov 2023
SBOM formats compared: CycloneDX vs. SPDX vs. SWID Tags
Organizations can choose between three SBOM formats: CycloneDX, SPDX and SWID Tags. Learn more about them to determine which fits your organization best. Continue Reading
-
News
14 Nov 2023
Microsoft halts 3 zero-days on November Patch Tuesday
Microsoft addresses 67 vulnerabilities, including six critical, and shuts down four bugs in the Exchange Server email platform this month. Continue Reading
-
News
14 Nov 2023
Cryptocurrency wallets might be vulnerable to 'Randstorm' flaw
Cryptocurrency recovery company Unciphered discovered a vulnerability in a JavaScript Bitcoin library that could jeopardize private keys. Continue Reading
-
News
09 Nov 2023
Generative AI brings changes to cloud-native platforms
Generative AI took over tech in 2023, and cloud-native platforms are no exception. The need to support LLMs is already affecting CNCF projects, including Kubernetes. Continue Reading
-
News
09 Nov 2023
Lace Tempest exploits SysAid zero-day vulnerability
SysAid urged users to patch a zero-day vulnerability in its on-premises software, which is being exploited by the threat actor behind the MoveIt Transfer ransomware attacks. Continue Reading
-
News
08 Nov 2023
Atlassian Confluence vulnerability under widespread attack
Atlassian's Confluence Data Center and Server products are under attack again as reports of widespread exploitation roll in just days after CVE-2023-22518 was publicly disclosed. Continue Reading
-
News
08 Nov 2023
Intel exec affixes OpenSSF, CNCF open source security efforts
Intel's Arun Gupta, now governing board chair of both the CNCF and OpenSSF, discusses his plans to bring all three organizations together to improve open source security. Continue Reading
-
News
07 Nov 2023
Microsoft, ZDI disagree over Exchange zero-day flaws
Microsoft said it had previously fixed one of the flaws and that the others did not require a patch. Trend Micro's Zero Day Initiative, however, disagreed with the software giant. Continue Reading
-
Definition
06 Nov 2023
multisig (multisignature)
Multisig, also called multisignature, is the requirement for a transaction to have two or more signatures before it can be executed. Continue Reading
-
News
02 Nov 2023
Microsoft launches Secure Future Initiative to bolster security
In the wake of several significant attacks, Microsoft announced new initiatives to address software development and vulnerability mitigation, among other security risks. Continue Reading
-
News
02 Nov 2023
Zscaler finds 117 Microsoft 365 bugs via SketchUp 3D file type
Microsoft published patches to address all 117 Microsoft 365 Apps flaws disclosed Tuesday, and the tech giant has disabled support for SketchUp, or SKP, 3D model files. Continue Reading
-
Definition
01 Nov 2023
authentication
Authentication is the process of determining whether someone or something is who or what they say they are. Continue Reading
-
News
31 Oct 2023
No patches yet for Apple iLeakage side-channel attack
Apple said it is working on more complete fixes for the iLeakage side-channel attack technique, but only one partial mitigation is currently available to macOS customers. Continue Reading
-
Definition
31 Oct 2023
virtualization-based security (VBS)
Virtualization-based security (VBS) is a technology that abstracts computer processes from the underlying operating system (OS) and, in some cases, hardware. Continue Reading
-
Definition
30 Oct 2023
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits. Continue Reading
-
Tip
30 Oct 2023
What an email security policy is and how to build one
Companies must have an effective security policy in place to protect email from cybercriminals and employee misuse. Learn how to build one for your company. Continue Reading
-
News
24 Oct 2023
1Password stops attack linked to Okta breach
1Password said a threat actor used a HAR file stolen in the recent Okta breach to access the password manager's Okta tenant, but the activity was detected and blocked. Continue Reading
-
News
23 Oct 2023
Okta customer support system breached via stolen credentials
During the latest breach against the identity and access management vendor, attackers took advantage of the system intended to provide support for Okta customers. Continue Reading
-
Tip
20 Oct 2023
How to work with the new Windows LAPS feature
Microsoft updated this automated method to manage and back up passwords for local administrator accounts on Windows desktop and server systems. See what's new with Windows LAPS. Continue Reading
-
News
19 Oct 2023
North Korean hackers exploit critical TeamCity vulnerability
While a patch is available, Microsoft and JetBrains confirmed TeamCity users have been compromised in attacks that leverage CVE-2023-42793 as an initial attack vector. Continue Reading
-
News
18 Oct 2023
Prisma Cloud analytics, automation boost DevSecOps speed
Prisma Cloud's Darwin update looks to address DevSecOps communication and velocity lags with centralized analytics and by ditching tickets for automated pull requests. Continue Reading
-
Definition
17 Oct 2023
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser. Continue Reading
-
Tip
17 Oct 2023
Allowlisting vs. blocklisting: Benefits and challenges
Allowlisting and blocklisting are key components of access control. Learn the benefits and challenges of each approach and why a combination of the two is often the best strategy. Continue Reading
-
News
10 Oct 2023
Microsoft tackles three zero-days for October Patch Tuesday
The company releases fixes for several products affected by the HTTP/2 "Rapid Reset" vulnerability to help curb widespread Distributed Denial-of-Service attacks. Continue Reading
-
News
04 Oct 2023
Critical Atlassian Confluence zero-day flaw under attack
Collaboration software vendor Atlassian urged customers with affected versions of Confluence Data Center and Server to apply patches for CVE-2023-22515 immediately. Continue Reading
-
News
04 Oct 2023
Docker Scout GA leads 'local plus cloud' push
Docker Scout replaces open source Docker Scan with an event-driven vulnerability management system in a bid to boost the vendor's value beyond developers' local laptops. Continue Reading
-
News
03 Oct 2023
Spyware vendor exploiting kernel flaw in Arm Mali GPU drivers
Arm Mali GPUs affected by CVE-2023-4211, which was discovered by Google researchers, include a wide range of Android phones as well as ChromeOS devices such as Chromebooks. Continue Reading
-
Definition
03 Oct 2023
security posture
Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats. Continue Reading
-
News
02 Oct 2023
Openwall patches 3 of 6 Exim zero-day flaws
The Openwall Project urged users to upgrade to the latest version of Exim, but there have been timely patching struggles with the message transfer agent software in the past. Continue Reading
-
Tip
29 Sep 2023
How to use Wireshark to sniff and scan network traffic
Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list. Continue Reading
-
News
26 Sep 2023
Clop MoveIt Transfer attacks affect over 2,000 organizations
According to research by security vendor Emsisoft, 2,095 organizations and 62,054,613 individuals have been affected by the Clop gang's attacks on MoveIt Transfer customers. Continue Reading
-
News
22 Sep 2023
Apple issues emergency patches for 3 zero-day bugs
Apple said CVE-2023-41992, CVE-2023-41991 and CVE-2023-41993 -- all reported by Citizen Lab and Google researchers -- might have been exploited against versions of iOS before 16.7. Continue Reading
-
Opinion
18 Sep 2023
What to consider when creating a SaaS security strategy
Securing SaaS applications is more important and confusing than ever. Consider visibility, UX and workflow when creating a SaaS security strategy and adopting tools. Continue Reading
-
News
14 Sep 2023
CloudBees scales its Jenkins CI, previews SaaS platform
About a year after acquiring ReleaseIQ, CloudBees prepares the fruits of its integration for launch and adds long-awaited scale-out to its commercial version of Jenkins. Continue Reading
-
News
14 Sep 2023
Developer platform Retool breached in vishing attack
A successful vishing attack against a Retool employee led to account takeovers of 27 cloud customers, but the company is pointing the finger at Google. Continue Reading
-
Feature
14 Sep 2023
Generative AI emerges for DevSecOps, with some qualms
New and developing tools use natural language processing to assist DevSecOps workflows, but concerns linger among developers about security risks as well. Continue Reading
-
News
12 Sep 2023
Microsoft solves two zero-days for September Patch Tuesday
Microsoft addresses 62 vulnerabilities this month, including a Microsoft Word flaw and a Windows bug that have both been exploited in the wild. Continue Reading
-
Podcast
12 Sep 2023
Risk & Repeat: Big questions remain on Storm-0558 attacks
Microsoft revealed that Storm-0558 threat actors stole a consumer signing key from its corporate network, but many questions about the breach and subsequent attacks remain. Continue Reading
-
News
12 Sep 2023
Cisco Full-Stack Observability draws on channel clout
Cisco's latest tie-in between app security and observability doesn't break new ground, but the vendor can use its network security cachet and partners to woo enterprise buyers. Continue Reading
-
News
07 Sep 2023
How Storm-0558 hackers stole an MSA key from Microsoft
Microsoft detailed a series of errors that led to a consumer account signing key accidentally being included in a crash dump that was later accessed by Storm-0558 actors. Continue Reading
-
News
06 Sep 2023
Okta: 4 customers compromised in social engineering attacks
Okta said a threat actor convinced IT personnel at several customers to reset MFA factors for highly privileged users, though it's unclear how they accomplished that task. Continue Reading
-
Podcast
30 Aug 2023
Risk & Repeat: Digging into Microsoft security criticisms
Executives, researchers and former employees told TechTarget Editorial about issues with Microsoft security practices, including patch bypasses, poor transparency and more. Continue Reading
-
News
29 Aug 2023
Microsoft Teams attack exposes collab platform security gaps
Criminal and state-sponsored hackers are ramping up cyberattacks on instant messaging platforms and other workplace collaboration tools. Meanwhile, enterprises' readiness lags. Continue Reading
-
News
29 Aug 2023
Mandiant reveals new backdoors used in Barracuda ESG attacks
Further investigations show threat actors were prepared for Barracuda Networks' remediation efforts, including an action notice to replace all compromised devices. Continue Reading
-
Feature
25 Aug 2023
Better API security needed as companies modernize apps
As developers build more complex applications, the widespread use of APIs is creating significant security challenges for organizations, according to a new survey from ESG. Continue Reading
-
News
24 Aug 2023
FBI: Suspected Chinese actors continue Barracuda ESG attacks
The alert comes after Barracuda Networks issued an advisory stating that patches for CVE-2023-2868 were insufficient and all affected ESG devices need to be replaced. Continue Reading
-
Definition
23 Aug 2023
BYOI (bring your own identity)
BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password are managed by a third party. BYOI is increasingly being used for website authentication. Continue Reading
-
News
22 Aug 2023
Ivanti issues fix for third zero-day flaw exploited in the wild
CVE-2023-38035 is the latest Ivanti zero-day vulnerability to be exploited in the wild. The vendor has released a series of remediation recommendations. Continue Reading
-
News
21 Aug 2023
Vendors criticize Microsoft for repeated security failings
Microsoft is facing frustration for numerous security issues, including problematic transparency, numerous patch bypasses and inconsistent communication practices. Continue Reading
-
Definition
18 Aug 2023
Electronic Discovery Reference Model (EDRM)
The Electronic Discovery Reference Model (EDRM) is a conceptual framework that outlines activities for the recovery and discovery of digital data. Continue Reading
-
News
17 Aug 2023
CISA, vendors warn Citrix ShareFile flaw under attack
A vulnerability in the managed file transfer product that enterprises use is being actively exploited two months after Citrix released a fix. Continue Reading
-
Definition
11 Aug 2023
message authentication code (MAC)
A message authentication code (MAC) is a cryptographic checksum applied to a message in network communication to guarantee its integrity and authenticity. Continue Reading
-
News
10 Aug 2023
Palo Alto: SugarCRM zero-day reveals growing cloud threats
Recent incident response investigations reveal that attackers are becoming more advanced when it comes to the cloud, but there are steps enterprises can take to mitigate risks. Continue Reading
-
News
10 Aug 2023
Trend Micro discloses 'silent threat' flaws in Azure ML
During a Black Hat 2023 session, Trend Micro researchers discussed several vulnerabilities they discovered in Azure Machine Learning that allow sensitive information disclosure. Continue Reading
-
News
09 Aug 2023
Onapsis researchers detail new SAP security threats
At Black Hat 2023, Onapsis researchers demonstrated how attackers could chain a series of SAP vulnerabilities impacting the P4 protocol to gain root access to a target network. Continue Reading
-
News
09 Aug 2023
Several Exchange Server flaws fixed on August Patch Tuesday
Microsoft addresses 74 vulnerabilities this month with the on-premises email server platform returning to the spotlight with corrections to close six security holes. Continue Reading
-
News
09 Aug 2023
Tenable launches LLM-powered ExposureAI product
ExposureAI will be integrated into Tenable One, the vendor's encompassing exposure management platform, and is the latest cybersecurity produce to employ large language models. Continue Reading
-
Definition
09 Aug 2023
crisis management
Crisis management is the application of strategies designed to help an organization deal with a sudden and significant negative event, while maintaining business continuity. Continue Reading
-
Tip
08 Aug 2023
5 steps to ensure HIPAA compliance on mobile devices
IT must implement several measures to comply with HIPAA, and mobile devices can add further complexity to this process. Follow these important steps for mobile HIPAA compliance. Continue Reading
-
Definition
08 Aug 2023
Google Play Protect
Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services. Continue Reading
-
Definition
01 Aug 2023
Computer Fraud and Abuse Act (CFAA)
The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that imposes criminal penalties on individuals who intentionally access a protected computer without proper authorization or whose access exceeds their authorization. Continue Reading
-
Definition
28 Jul 2023
national identity card
A national identity card is a portable document, typically a plasticized card with digitally embedded information, that is used to verify aspects of a person's identity. Continue Reading
-
Opinion
26 Jul 2023
Security hygiene and posture management: A work in progress
Security hygiene and posture management may be the bedrock of cybersecurity, but new research shows it is still decentralized and complex in most organizations. Continue Reading
-
Tip
26 Jul 2023
How to avoid LinkedIn phishing attacks in the enterprise
Organizations and users need to be vigilant about spotting LinkedIn phishing attacks by bad actors on the large business social media platform. Learn how to foil the attempts. Continue Reading
-
News
25 Jul 2023
Thoma Bravo sells Imperva to Thales Group for $3.6B
With the acquisition, Thales looks to expand its Digital Security and Identity business with an increased focus on protecting web applications and API. Continue Reading
-
Tip
25 Jul 2023
5 steps to approach BYOD compliance policies
It can be difficult to ensure BYOD endpoints are compliant because IT can't configure them before they ship to users. Admins must enforce specific policies to make up for this. Continue Reading