security Archives - Cyber Security Minute

PoC exploit code for critical Fortinet FortiNAC bug released online

Issued by: Security Affairs

Researchers at Horizon3 cybersecurity firm have released a proof-of-concept exploit for a critical-severity vulnerability, tracked as CVE-2022-39952, in Fortinet’s FortiNAC network access control solution. Last week, Fortinet has released security updates to address two critical vulnerabilities in FortiNAC and FortiWeb solutions. The two vulnerabilities, tracked as CVE-2022-39952 and CVE-2021-42756, are respectively an external control of…

News

Cyberthreats, Regulations Mount for Financial Industry

Issued by: Dark Reading

The cybersecurity landscape for financial institutions and finance technology (fintech) has changed dramatically in the past few years, and 2023 will likely be no different. In 2022, for example, distributed denial-of-service (DDoS) attacks targeting financial firms increased by 22% worldwide, compared to the previous year, according to a joint report published by the Financial Services…

Application Security

API management (APIM): What It Is and Where It’s Going

Issued by: Security Affairs

So, where does this leave businesses that want to leverage the power of APIs? For starters, they need to invest in an API security strategy that covers all their bases. A robust strategy will be held up by a number of different tools and methodologies, including API management (APIM). In this article, we’re taking a…

Software Security

QuSecure launches quantum-computing based security for endpoints

Issued by: CSO Online

QuSecure, a quantum-computing technology company based in Silicon Valley, today announced the latest version of its security platform, called QuEverywhere — designed to allow organizations to extend quantum-safe security all the way to endpoints like laptops and smartphones, the company said in a statement. QuEverywhere, according to the company, is an app- or browser-based method…

Vulnerabilities

Why the Culture Shift on Privacy and Security Means Today’s Data Looks Different

Issued by: Dark Reading

Over the past 15 years, several events have reshaped how we think about data — what it means from a business perspective and what rights individuals have regarding how their personal information is used. Data security governance undoubtedly will play a large role in the future; however, conversations are still in relatively early stages. In…

Application Security

Darwinium Raises $10 Million for Customer Protection Platform

Issued by: Security Week

The security and fraud prevention firm’s platform identifies bad behavior in real time by continuously assessing users’ digital interactions across websites, applications, and APIs. Darwinium says it takes a new approach to customer protection by combining internal cybersecurity tools with fraud-prevention tools, in a single view. The startup aims to prevent account compromise and online…

Application Security, Software Security

The Makings of a Successful Threat-Hunting Program

Issued by: Dark Reading

Over the last few years, an influx of high-profile industry security issues (PDF) have placed offensive tactics among the top priorities for corporations to help mitigate the risk of a potential attack. With many companies opting to continue remote and hybrid working environments, potential security risks cannot go ignored or be left to chance, and…

Software Security

Proofpoint Introduces a Smarter Way to Stay Compliant with New Intelligent Compliance Platform

Issued by: Dark Reading

Proofpoint Inc., a leading cybersecurity and compliance company, today announced the launch of its Intelligent Compliance Platform, offering enterprises modern regulatory compliance safeguards while simplifying corporate legal protection practices. The platform leverages Proofpoint’s proprietary machine learning engine to provide business leaders with AI-powered collection, classification, detection, prevention, search, eDiscovery, supervision, and next generation predictive analytics…

Application Security

Mudge Blows Whistle on Alleged Twitter Security Nightmare

Issued by: Dark Reading

Twitter’s former head of security has blown the whistle on what he characterizes as sprawling cybersecurity weaknesses, including vulnerabilities that could lay the social media platform open to cyberattacks that could have major national-security implications. That’s the allegation from Peiter “Mudge” Zatko, who sent a 200+-page disclosure to Congress detailing issues that he claims could…