;){kind=icon}
;){kind=icon}
;){kind=icon}
Interview with Dave Gerry – NTT Application Security
David Gerry serves as Chief Revenue Officer and Head of Operations at NTT Application Security. Read below to find out more about the company and his role in it.
Transform Your AppSec Program at RSA 2022
RSA Conference 2022 is coming up quickly and our team is excited to return and share what NTT Application Security (NTTAS) has been up to since the last in-person RSA back in 2020.
Step 1 to Resolving the Spring4Shell Vulnerability: Find It, Safely
The NTT AppSec Security Specialists provide the first step to resolving the Spring4Shell vulnerability and how Vantage Prevent can help.
RSA Conference 2022 Product Review
From security policy building to automated cybersecurity defense, Security magazine spotlights solutions from the 2022 RSA Conference.
Hackers Are Targeting Taxpayers. Here’s How to Protect Your Data
Tax season is very profitable for hackers.
Beware! That App You’re Downloading Might Not Be Real
The next app you download might look legitimate but actually contain harmful code that could steal your personal information.
Report: 50% of All Web Applications Were Vulnerable to Attacks in 2021
Global organizations continue to struggle against the rising tide of application-specific and web-application attacks
Key Application Security Metrics Show Few Signs of Improvement
A new study shows that organizations continued to take an inordinately long time to fix vulnerabilities and fixed fewer known issues in their environments last year than in 2020.
Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry
The phishing attacks are spoofing LinkedIn to target ‘Great Resignation’ job hunters, who are also being preyed on by huge data-scraping bot attacks.
Application Security Has Its Best Ever Chance For Success
The last year has been marked by the rapid progress of transformational DevOps models. IT teams are grappling with how to manage and scale infrastructures facing the sudden digital-first reality brought on by the global pandemic.
Sophisticated Ransomware Criminals Pose Growing Threat to Law Firms
The new year brings with it worrying trends about the rising threat to law firms posed by ever-more sophisticated ransomware attacks.
AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover
The WordPress content management system (CMS) is offering admins more headaches this week, thanks to a pair of disparate but concerning security problems in add-ons for the platform.
Log4J: Microsoft Discovers Attackers Targeting Undisclosed SolarWinds Vulnerability
Microsoft researchers have discovered a previously undisclosed vulnerability in the SolarWinds Serv-U software while monitoring threats related to Log4J vulnerabilities.
How to transform the role of a CISO for the digital-first economy
With any business venture, all organizations aim to minimize downside risks and maximize upside opportunities at some basic level. With the rapid transition to digital-first technologies, organizations are offering new products to improve customer experiences by delivering the value proposition of any time, any place.
Microsoft Warns of Continued Log4j Attacks
Microsoft has warned the security community that the Log4j vulnerabilities still represent a complex and high risk for companies across the globe, as this open-source component is widely used across many suppliers' software and services.
New NTT Application Security Solution Assists DevSecOps with App Testing
NTT Security AppSec Solutions Inc. today announced a solution that enables enterprises to conduct dynamic application security testing at each phase of the development cycle and prevent exploitable vulnerabilities from reaching production.
No Significant Intrusions Related to Log4j Flaw Yet, CISA Says
In the one month since news broke of a critical remote code execution vulnerability in the Log4j logging framework, there have been no major intrusions tied to the flaw in the US, officials from the Cybersecurity and Infrastructure Security Agency (CISA) said Monday.
NY AG Warns Credential Stuff Compromised 1.1M Accounts
New York Attorney General Letitia James has put 17 companies on notice that 1.1 million online accounts have been compromised by cyberattacks involving credential stuffing.
JFrog Researchers Find JNDI Vulnerability in H2 Database Consoles Similar to Log4shell
Security researchers from JFrog said on Thursday that they discovered a critical JNDI-based vulnerability in the H2 database console exploiting a root cause similar to Log4Shell.
Microsoft Sees Rampant Log4j Exploit Attempts, Testing
Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December.
VA’s IT office used 9 SaaS apps that did not meet federal cloud requirements
The Office of Inspector General (OIG) for the Department of Veterans Affairs last week issued a report that claimed that a division in the VA’s Office of Information Technology (OIT) used SaaS applications and application programming interfaces (APIs) that did not meet federal security requirements.