The DevOps vs. DevSecOps debate has recently been gaining more and more momentum in IT circles. However, these two concepts aren’t competitors; rather, they comprehend each other. It’s important to understand the difference between DevOps and DevSecOps to choose the…
Stopping Criminals from Profiting Off Malware Requires a New Approach
By CW Walker, Director, Security Product Strategy at SpyCloud The first three quarters of 2022 saw the total detection of over 62.29 million new types of malware – approximately 228,000 new threats […] The post Stopping Criminals from Profiting Off Malware Requires…
The Data Dilemma: Balancing Business Growth and Security
By Noah Johnson, Co-Founder & CTO of Dasera In today’s digital age, data is the lifeblood of business growth. With large amounts of data sprawled across multiple platforms, companies must […] The post The Data Dilemma: Balancing Business Growth and…
Cisco Counterfeiter Pleads Guilty to $100m Scheme
Dual US/Turkish citizen ran at least 19 companies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cisco Counterfeiter Pleads Guilty to $100m Scheme
New PowerDrop Malware Discovered Targeting U.S. Aerospace Industry
Researchers announced finding a sample of the new PowerDrop malware in the network of a defense contractor in the U.S. The discovery indicates that threat actors use PowerShell-based malware to attack the U.S. aerospace defense industry. The new PowerDrop malware…
Experts call for overhaul of ‘outdated’ critical infrastructure cyber policy
A new report analyzes the federal government’s approach to infrastructure cybersecurity as a key strategy document is getting a rewrite. This article has been indexed from FCW – All Content Read the original article: Experts call for overhaul of ‘outdated’…
PCI DSS 4.0 Requirements – Protect Stored Account Data and Protect Cardholder Data During Transmission
If someone asked you “are you protecting your data,” your initial response would probably be to clarify what they are referring to specifically, since the question is so broadly stated. You could just reply with a terse “Yes,” but that…
Tripwire Patch Priority Index for May 2023
Tripwire’s May 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Edge. These patches resolve elevation and security feature bypass vulnerabilities. Up next are 3 patches…
FBI Warns of Surge in Deepfake Sextortion Attempts
Fake imagery is being used to harass and extort victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FBI Warns of Surge in Deepfake Sextortion Attempts
The Risks and Ethical Implications of AI Clones
The rapid advancement of artificial intelligence (AI) technology has opened up a world of exciting possibilities, but it also brings to light important concerns regarding privacy and security. One such emerging issue is the creation of AI clones based on…
CVEs Surge By 25% in 2022 to Another Record High
Volume of new vulnerabilities has increased three-fold in a decade This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CVEs Surge By 25% in 2022 to Another Record High
+60,000 Android apps spotted hiding adware for past six months
Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The…
IT threat evolution Q1 2023. Mobile statistics
The smartphone threat statistics for Q1 2023 includes data for Android malware, adware, banking Trojans and ransomware. This article has been indexed from Securelist Read the original article: IT threat evolution Q1 2023. Mobile statistics
IT threat evolution Q1 2023
Recent BlueNoroff and Roaming Mantis activities, new APT related to the Russo-Ukrainian conflict, ChatGPT and threat intelligence, malvertising through search engines, cryptocurrency theft campaign and fake Tor browser This article has been indexed from Securelist Read the original article: IT…
IT threat evolution in Q1 2023. Non-mobile statistics
PC malware statistics for the Q1 2023 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. This article has been indexed from Securelist Read the original article: IT threat evolution in Q1 2023.…
Why performing security testing on your products and systems is a good idea
How to make developers love security
In my last post I discussed how developers can be your security secret weapon… but how to help them love doing security work? That’s a whole other challenge! Stories of the tension between developers and security teams are a longstanding…
Apple offers new privacy and security protections at WWDC
During the recent Worldwide Developers Conference (WWDC), Apple Inc. unveiled a range of new privacy and security features designed to enhance user protection. One notable feature is aimed at safeguarding children against online spying tools, while another focuses on maintaining…
Will zero trust make any sense in enterprise cyber world
Zero Trust is an emerging cybersecurity framework that challenges the traditional perimeter-based security model. In the enterprise cyber world, where the threat landscape is constantly evolving, Zero Trust offers a compelling approach to enhancing security and protecting sensitive data. Here’s…
New PowerDrop Malware Targeting U.S. Aerospace Industry
An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. “PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption,” according to Adlumin, which found the malware implanted in an…
Current SaaS security strategies don’t go far enough
Many recent breaches and data leaks have been tied back to SaaS apps, according to Adaptive Shield. “We wanted to gain a deeper understanding of the incidents within SaaS applications and how organizations are building their threat prevention and detection…
Public sector apps show higher rates of security flaws
Applications developed by public sector organizations tend to have more security flaws than applications created by the private sector, according to Veracode. The findings are notable because increased numbers of flaws and vulnerabilities in applications correlate with increased levels of…
Embracing realistic simulations in cybersecurity training programs
In this Help Net Security video, Ed Adams, CEO of Security Innovation, discusses the shifts in cybersecurity training. 60% of companies now include realistic simulations in their cybersecurity training programs compared to 36% in 2020. According to Security Innovation research,…
Sharing your business’s data with ChatGPT: How risky is it?
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. As a natural language processing model, ChatGPT –…
Phishing-resistant MFA 101: What you need to know
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The spread of the remote workforce and the…
The role of cybersecurity in financial institutions -protecting against evolving threats
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Cybersecurity is practice of protecting information technology (IT)…
The intersection of telehealth, AI, and Cybersecurity
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Artificial intelligence is the hottest topic in tech…