attack

attack news search results

Developer news items we found relating to attack

35 results
ImmuniWeb-Neuron-web-security-scanning

ImmuniWeb Neuron web security scanning


Friday, June 10, 2022 by

ImmuniWeb has announced the launch of ImmuniWeb Neuron, a web application and API web security scanning solution that is based on the award-winning ImmuniWeb AI Platform available. ImmuniWeb Neuron is designed to rapidly scan tens, hundreds, or even thousands of web applications and APIs for vulnerabilities, weaknesses, and misconfigurations. It c...


Metaverse-land-sale-announced-by-Billionaire-Zombies-Club

Metaverse land sale announced by Billionaire Zombies Club


Thursday, June 9, 2022 by

Billionaire Zombies Club (BZC) has officially announced its metaverse land sale. In what has been a rather historic rise for one of the earliest Polygon-based NFT communities, BZC as the community is affectionately known has spawned a rather unique ethos, movement, and aesthetic that now influences projects across the globe. Since its launch late last year, BZC has s...


Mitigating-API-attacks-in-2022

Mitigating API attacks in 2022


Wednesday, January 5, 2022 by

Nathanael Coffing, co-founder and CSO of Cloudentity, is also a board member. Nathanael has over 20 years of management and architecture experience across identity, security, microservices, and IT domains. Prior to founding Cloudentity, he founded OrchIS.io and helped build numerous technology startups leveraging his experience at Sun, Oracle, Imperva, Washington Mutual...


Software-cyberattack-predictions-for-2022

Software cyberattack predictions for 2022


Tuesday, January 4, 2022 by

Nigel Thorpe hails from a software development background and moved to the IT security industry with Entrust Technologies during the early days of PKI. His knowledge has benefited a number of security companies in the UK, Canada, and the USA, and he now serves as Technical Director at SecureAge Technology. With a wide range of experience in different business environmen...


StorONE-launches-backup-storage

StorONE launches backup storage


Friday, November 19, 2021 by

The latest ransomware variants perform what is known as sleeper attacks, which avoid discovery by slowly infecting data. By the time an organization realizes it is dealing with a ransomware attack, a high percentage of data is encrypted. Modern backup storage needs to not only provide immutability of backup data it must do so, without impacting performance for pote...


Oxeye-closes-a-$5.3-Million-seed-financing-round

Oxeye closes a $5.3 Million seed financing round


Thursday, November 4, 2021 by

Oxeye announced the closing of a $5.3 Million seed financing round led by MoreVC, a seed-stage venture capital fund in Israel. The latest round includes support from i3 Equity Partners, and other cybersecurity focused investors as the company prepares to protect the world’s most popular Web applications with next-generation cloud-native Application Security Testin...


Offshore-software-developers-risks-and-advantages

Offshore software developers risks and advantages


Thursday, October 28, 2021 by

The onset of COVID-19 has hastened CEOs’ prioritization of digital transformation to future-proof their organizations. This paradigm change is driving the IT outsourcing spend to improve operational agility, integrate new technologies, and achieve cost-savings and faster time-to-market. Risks and advantages of using offshore software developers The pandemic ...


Protecting-source-code

Protecting source code


Wednesday, October 6, 2021 by

Earlier this year, EA (Electronic Arts), reported a cyberattack and the theft of some 780GB of source code for games such as FIFA 21 and the proprietary Frostbite game engine used for many other high-profile games such as Battlefield. The threat actors responsible for the EA data breach put the stolen data up for sale on an underground hacking forum for $28 million, pro...


Faster-customer-integrations-from-HackerOne

Faster customer integrations from HackerOne


Thursday, July 29, 2021 by

Tray.io has announced that HackerOne is using Tray Embedded to develop and deliver powerful customer integrations at scale. With Tray Embedded, HackerOne quadrupled its integration delivery speed to maximize developer efficiency and reduce the integration maintenance burden. Armed with seamless integrations, HackerOne customers can spend less time context-switching...


Compliance-automation-will-take-center-stage-this-year

Compliance automation will take center stage this year


Wednesday, May 26, 2021 by

Compliance automation uses artificial intelligence features and technology to make compliance procedures easier - according to most sources on the web, about the meaning of compliance automation.  Progress Software CEO Yogesh Gupta says with smart companies turning to a compliance-as-code approach to keep infrastructure, apps, and end-user devices secure and com...


Not-all-security-vulnerabilities-are-created-equal

Not all security vulnerabilities are created equal


Tuesday, May 25, 2021 by

Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...


Six-areas-of-focus-for-continuous-security

Six areas of focus for continuous security


Friday, April 16, 2021 by

Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...


CircleCI-brings-privacy-enhancements-for-teams-across-the-enterprise

CircleCI brings privacy enhancements for teams across the enterprise


Monday, February 22, 2021 by

CircleCI introduced new platform updates to increase the control, protection, privacy, and confidence of today’s engineering teams.   Business leaders are concerned with the growth of remote-only and its impact on security. In fact, research shows 28 percent of leaders in 2020 were anticipated to prioritize improving application security capabilities ...


Improving-security-posture-with-static-application-security-testing-

Improving security posture with static application security testing


Friday, February 12, 2021 by

Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...


Zero-trust-framework-no-longer-optional-2021-predictions

Zero trust framework no longer optional 2021 predictions


Tuesday, January 12, 2021 by

There’s no doubt that COVID-19 and the shift to remote work have accelerated Zero Trust adoption in the enterprise. In 2021 and the following years, implementing a Zero Trust approach will become essential to protecting every enterprise, regardless of industry. This is due to the increasing volume of cyberthreats that organizations and individuals face on a regula...


API-sprawl-security-concern-predictions-of-2021-from-Volterra

API sprawl security concern predictions of 2021 from Volterra


Wednesday, January 6, 2021 by

As organizations continue to digitally transform business processes, they are increasingly transitioning from legacy applications to modern, cloud-native apps. These intricate modern apps feature far more APIs than their predecessors including API sprawl. Since these apps are built with extensive microservices, many of these APIs are deeply embedded and hidden. Th...


5-mistakes-businesses-make-in-application-development

5 mistakes businesses make in application development


Friday, October 23, 2020 by

5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...


GitLab-acquires-Peach-Tech-and-Fuzzit

GitLab acquires Peach Tech and Fuzzit


Friday, June 12, 2020 by

GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...


Linux-and-LISH-release-census-for-open-source-security

Linux and LISH release census for open source security


Wednesday, February 19, 2020 by

The Linux Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH), announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software. This Census II analysis and report represent important steps towards understanding and addressing structural and s...


Microsoft-DART-team-tracks-77k-active-web-shells

Microsoft DART team tracks 77k active web shells


Thursday, February 6, 2020 by

In a blog post promoting the capabilities of its commercial security platform, Microsoft said that on a daily basis the company's security team detects and tracks on average around 77,000 active web shells, spread across 46,000 infected servers. According to ZDNet, these numbers are staggering, since the 77,000 figure is far larger than any previous reports about...


Data-Privacy-Day-2020-is-here

Data Privacy Day 2020 is here


Tuesday, January 28, 2020 by

Data Privacy Day is here, and with the recent implementation of the California Consumer Privacy Act, the timing could not be better to discuss the importance of taking steps to protect sensitive data while also keeping personal data private and secure. Similar to GDPR, CCPA will have a profound impact on data privacy and protection, making this year’s Data Priv...


Decentralized-technologies-solve-Illiquidity-problems

Decentralized technologies solve Illiquidity problems


Tuesday, December 17, 2019 by

Illiquidity is one of the major factors affecting global financial markets. Digitizing new assets and finding corresponding buyers and sellers is difficult and costly. Much has been said about the potential for decentralized technologies to solve these problems, but current offerings fundamentally lack the necessary performance guarantees, feature set, and architectural...


StrandHogg-Android-vulnerability-identified

StrandHogg Android vulnerability identified


Thursday, December 5, 2019 by

Promon, a Norwegian app security company, has identified tangible evidence of a dangerous Android vulnerability that allows malware to pose as any legitimate app, granting hackers access to private SMS’ and photos, steal victims’ log-in credentials, track movements, make and/or record phone conversations, and spy through a phone’s camera and microphone...


Zero-Trust-platform-from-Pulse-Secure-is-enhanced

Zero Trust platform from Pulse Secure is enhanced


Tuesday, October 29, 2019 by

Pulse Secure announced that it has introduced new Secure Access management and threat mitigation capabilities within its Zero Trust Network Access platform. Through these enhancements, Pulse Secure enables enterprise and service provider organizations to progress Zero Trust security and mitigate hybrid IT risks while simplifying access to multi-cloud and data center res...


Zeroday-vulnerability-announced-byMcAfee-at-Defcon

Zeroday vulnerability announced byMcAfee at Defcon


Monday, August 19, 2019 by

At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system. The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...


Elastic-Stack-7.3-brings-maps-and-more

Elastic Stack 7.3 brings maps and more


Monday, August 5, 2019 by

Elastic has delivered Elastic Stack 7.3, which includes some very cool new features such as data frames, anomaly detection, elastic maps, and more. Check out all the highlights of the latest release below. Elastic Stack 7.3 highlights  Data frames: a new feature that allows users to pivot their Elasticsearch data on the fly to create live entity-centric in...


One-click-microsegmentation-platform-from-Edgewise

One click microsegmentation platform from Edgewise


Thursday, June 20, 2019 by

Edgewise Networks launched its new platform that radically simplifies the creation and management of zero trust environments with one-click microsegmentation. In seconds, companies can stop internal network attacks that have bypassed perimeter defenses. The benefits include a significantly reduced network attack surface, operational efficiency for policy creation and ma...


Making-things-easy-for-the-developer-is-ActiveState

Making things easy for the developer is ActiveState's mission


Tuesday, April 2, 2019 by

ActiveState added enhancements to its ActiveState Platform, a SaaS offering, benefiting contributors, maintainers and users facing challenges with Python and other open source languages. The new features will give ActiveState Platform account holders the flexibility to fork an existing language distribution and install it into a virtual environment. Developers elimin...


API-security-testing-just-got-easier-with-42Crunch

API security testing just got easier with 42Crunch's new scanner


Thursday, March 21, 2019 by

42Crunch officially released the 42Crunch API Platform, an API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices. This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API d...


Running-applications-directly-from-Cohesity-now-possible

Running applications directly from Cohesity now possible


Monday, March 4, 2019 by

Cohesity announced new capabilities that empower enterprises to run applications from Cohesity as well as third parties directly on the Cohesity DataPlatform. This milestone is a big step forward in empowering enterprises to derive insights from their most valuable business asset, their data.  This is the first time that enterprises are able to run applications ...


This-DDoS-report-could-help-you-avoid-a-security-disaster

This DDoS report could help you avoid a security disaster


Thursday, January 10, 2019 by

MazeBolt Technologies, the company offering DDoS threat assessment, has released ”The State of DDoS Protection Report,” the first global independent report about DDoS mitigation effectiveness. ”Since DDoS mitigation started in the late 1990s, enterprises have had little to no visibility on how effective their DDoS mitigation actually is,” said...


Join-us-for-a-free-mobile-app-security-threats-webinar-on-Tuesday

Join us for a free mobile app security threats webinar on Tuesday


Friday, December 7, 2018 by

In 2016, a record 3 billion Yahoo accounts were hacked, and Uber reported that hackers stole the information of over 57 million accounts. Then in 2017, 412 million user accounts were taken from Friendfinder’s sites, and 147.9 million consumers were affected by the Equifax Breach. In 2018, Under Armor said that that it's My Fitness Pal app was hacked, affecting...


What-does-the-Kubernetes-privilege-escalation-flaw-mean

What does the Kubernetes privilege escalation flaw mean


Tuesday, December 4, 2018 by

Bringing together powerful applications into containerized services that are open source can have their drawbacks, as recently discovered by the RedHat issued a critical Security Advisory and patches for CVE-2018-1002105, a privilege escalation flaw impacting Kubernetes. Sumo Logic CSO, George Gerchow weighs in: "The Kubernetes vulnerability is a huge deal, even...


AI-for-cybersecurity-

AI for cybersecurity


Tuesday, November 27, 2018 by

As organizations struggle to deal with the growing sophistication of hackers and the influx in data breaches, it's becoming clear that AI could be a critical tool for automatically defending applications from cyber attacks - but there are challenges to overcome. Ivan Novikov, the CEO of AI security company Wallarm, offers some insight below on how AI can be utilized...


IAST-supports-AppSec-efficiencies-while-cutting-costs-and-headaches

IAST supports AppSec efficiencies while cutting costs and headaches


Monday, November 26, 2018 by

It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....