Application Security Archives - Page 3 of 29

Every Application Journey Needs a Cybersecurity Platform

Issued by: DataBreach Today

The desire for digital acceleration has led organizations to drive toward delivering faster and better application experiences and to bring applications and data closer to users and devices. Many organizations realize that application journeys are fluid in practice because applications can live anywhere from data centers to hybrid and multi-clouds to edge compute. The reason…

Application Security

Zimbra Zero-Day Demands Urgent Manual Update

Issued by: Dark Reading

Teams running the Zimbra Collaboration Suite version 8.8.15 are urged to apply a manual fix against a recently discovered zero-day vulnerability that’s being actively exploited in the wild. The Zimbra cloud suite offers email, calendar functions, and other enterprise collaboration tools. The vulnerability compromises the security of data on Zimbra servers, the company said in…

Application Security

Apple Objects to UK Bill That Would Break Encrypted Messaging

Issued by: Dark Reading

Apple has joined more than 80 technology experts and organizations in an appeal to UK lawmakers to consider the broader privacy ramifications of pending legislation called the Online Safety Bill. The legislation, moving its way through Parliament, is intended to force accountability for technology platforms used to distribute child abuse materials. Platforms like iMessage and…

Application Security

Application Security Testing vs. API Security Testing

Issued by: DataBreach Today

As organizations continue to embrace digital transformation, it’s essential to ensure that applications and APIs are protected. Application security testing, or AST, and API security testing are important components of a comprehensive cybersecurity strategy. AST is the process of analyzing application code and configurations to identify potential vulnerabilities. API security testing ensures that APIs are…

Application Security

Use of Multifactor Authentication (MFA) Nearly Doubles Since 2020, Okta Secure Sign-in Trends Reports Finds

Issued by: Dark Reading

Okta, Inc. (NASDAQ: OKTA), the leading independent identity partner, today announced the release of its international Secure Sign-In Trends Report. The report, which analyzes billions of monthly workforce customer logins to Okta Workforce Identity Cloud across more than 16 industries around the world, reveals that the use of multi-factor authentication (MFA) has nearly doubled since…

Application Security

OX Security Launches OX-GPT, AppSec’s First ChatGPT Integration

Issued by: Dark Reading

OX Security, a leader in software supply chain security, today announced the launch of OX-GPT, the first ChatGPT integration to improve software supply chain security. With the new integration, OX now presents developers with customized fix recommendations and cut and paste code fixes, providing for quick remediation of critical security issues across the software supply…

Application Security

Google leaking 2FA secrets – researchers advise against new “account sync” feature for now

Issued by: Naked Security

The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. To explain, a 2FA (two-factor authentication) app is one of those programs that you run on your mobile phone or…

Application Security

‘Good’ AI Is the Only Path to True Zero-Trust Architecture

Issued by: Dark Reading

Threat actors armed with artificial intelligence (AI) tools like ChatGPT can pass the bar exam, ace an Advanced Placement biology course, and even create polymorphic malware. It’s up to the cybersecurity community to put AI to work to combat it. RSA CEO Rohit Ghai used the opening keynote of this year’s RSAC in San Francisco,…

Application Security

Double zero-day in Chrome and Edge – check your versions now!

Issued by: Naked Security

If you’re a Google Chrome or Microsoft Edge browser fan, you’re probably getting updates automatically and you’re probably up to date already. However… …just in case you’ve missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based, has patched not…

Application Security

Google Warns of New Chrome Zero-Day Attack

Issued by: SecurityWeek

Google on Friday joined the list of vendors dealing with zero-day attacks, rolling out a major Chrome Desktop update to fix a security defect that’s already been exploited in the wild. The high-severity vulnerability, tracked as CVE-2023-2033, is described as a type confusion in the Chrome V8 JavaScript engine. “Google is aware that an exploit…