Decipher’s new behind the scenes look at the weekly news with input from our sources. Topping the headlines this week are two key cybersecurity-related moves by the U.S. government.
The running list of prioritized vulnerabilities will evolve based on CISA's understanding of adversary activity, the agency said.
Under a new binding operational directive (BOD), CISA has developed a catalog of known, exploited vulnerabilities that federal agencies must address.
Application security (AppSec) in general — and application security testing (AST) specifically — are over as we know them.
In September 2020, security researchers discovered a document with names, social security numbers, addresses and grades in an underground forum.
Businesses and agencies today are spending an average of about 250 days to remediate high-severity risks, NTT Application Security found.
The education sector sees an improving window of exposure despite lower remediation rates and higher than average time to fix, according to an NTT report
The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say.
A new report from IBM Security X-Force has found that two-thirds of cloud breaches can be traced to misconfigured application programming interfaces.
Users of HAProxy 2.0 and later versions are being urged to push through updates after a vulnerability was found that could allow "an attacker to bypass the check for a duplicate HTTP
Nowadays, much of the business world operates digitally. This has prompted many companies to invest in new digital offerings to better serve their customer base.
The average time taken to fix high severity application security flaws has increased by ten days in just a month, according to the latest data from NTT Application Security.
The threat landscape surrounding web, mobile and API-based applications is evolving rapidly.
Almost three-quarters of Web applications for businesses that handle accounting, auditing, finances, and operations have critical vulnerabilities every day of the year.
The scope of a cyberattack at T-Mobile US keeps growing, as the operator today confirmed personal data on at least 54 million people were exposed and stolen.
A newly disclosed flaw in software from BlackBerry Ltd. has resulted in warnings from U.S. government authorities due to its serious nature.
Zero-trust architecture is being adopted across all assets within network infrastructure—data, cloud, applications. And now, more frequently, developers are seeing zero-trust as a useful security approach for APIs.
A new Android Trojan has been identified by cybersecurity firm Zimperium, which released a report on Monday explaining how the malware has been able to hit more than 10,000 victims in 144 co
A new Android Trojan has been identified by cybersecurity firm Zimperium, which released a report on Monday explaining how the malware has been able to hit more than 10,000 victims in 144 countries.
Threats to web, mobile and API-based apps are developing rapidly and the average time taken to fix them isn't improving, with critical vulnerabilities remaining open on average for 202 days.
A new report from NTT Application Security found that the window of exposure for many companies' vulnerabilities is growing.