With any business venture, all organizations aim to minimize downside risks and maximize upside opportunities at some basic level. With the rapid transition to digital-first technologies, organizations are offering new products to improve customer experiences by delivering the value proposition of any time, any place.
Microsoft has warned the security community that the Log4j vulnerabilities still represent a complex and high risk for companies across the globe, as this open-source component is widely used across many suppliers' software and services.
NTT Security AppSec Solutions Inc. today announced a solution that enables enterprises to conduct dynamic application security testing at each phase of the development cycle and prevent exploitable vulnerabilities from reaching production.
In the one month since news broke of a critical remote code execution vulnerability in the Log4j logging framework, there have been no major intrusions tied to the flaw in the US, officials from the Cybersecurity and Infrastructure Security Agency (CISA) said Monday.
New York Attorney General Letitia James has put 17 companies on notice that 1.1 million online accounts have been compromised by cyberattacks involving credential stuffing.
Security researchers from JFrog said on Thursday that they discovered a critical JNDI-based vulnerability in the H2 database console exploiting a root cause similar to Log4Shell.
Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December.
The Office of Inspector General (OIG) for the Department of Veterans Affairs last week issued a report that claimed that a division in the VA’s Office of Information Technology (OIT) used SaaS applications and application programming interfaces (APIs) that did not meet federal security requirements.
Software demand has skyrocketed for nearly a decade now, but COVID-19 further accelerated the trend by pushing businesses to rapidly develop and adopt technologies for remote work and customer interaction.
Online shopping safety with Craig Hinkley, NTT Application Security
A new report from NTT Application Security has found that 94% of consumers understand the risks of online shopping.
Only 25% of consumers surveyed by NTT Application Security said they'd take their online business elsewhere following a data breach.
Decipher’s new behind-the-scenes look at the weekly news with input from our sources. Topping the headlines this week are two key cybersecurity-related moves by the U.S. government.
The running list of prioritized vulnerabilities will evolve based on CISA's understanding of adversary activity, the agency said.
Under a new binding operational directive (BOD), CISA has developed a catalog of known, exploited vulnerabilities that federal agencies must address.
Application security (AppSec) in general — and application security testing (AST) specifically — are over as we know them.
In September 2020, security researchers discovered a document with names, social security numbers, addresses and grades in an underground forum.
Businesses and agencies today are spending an average of about 250 days to remediate high-severity risks, NTT Application Security found.
The education sector sees an improving window of exposure despite lower remediation rates and higher than average time to fix, according to an NTT report.
The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say.
A new report from IBM Security X-Force has found that two-thirds of cloud breaches can be traced to misconfigured application programming interfaces.
Users of HAProxy 2.0 and later versions are being urged to push through updates after a vulnerability was found that could allow "an attacker to bypass the check for a duplicate HTTP
Nowadays, much of the business world operates digitally. This has prompted many companies to invest in new digital offerings to better serve their customer base.