Businesses and agencies today are spending an average of about 250 days to remediate high-severity risks, NTT Application Security found.
The education sector sees an improving window of exposure despite lower remediation rates and higher than average time to fix, according to an NTT report
The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say.
A new report from IBM Security X-Force has found that two-thirds of cloud breaches can be traced to misconfigured application programming interfaces.
Users of HAProxy 2.0 and later versions are being urged to push through updates after a vulnerability was found that could allow "an attacker to bypass the check for a duplicate HTTP
Nowadays, much of the business world operates digitally. This has prompted many companies to invest in new digital offerings to better serve their customer base.
The average time taken to fix high severity application security flaws has increased by ten days in just a month, according to the latest data from NTT Application Security.
The threat landscape surrounding web, mobile and API-based applications is evolving rapidly.
Almost three-quarters of Web applications for businesses that handle accounting, auditing, finances, and operations have critical vulnerabilities every day of the year.
The scope of a cyberattack at T-Mobile US keeps growing, as the operator today confirmed personal data on at least 54 million people were exposed and stolen.
A newly disclosed flaw in software from BlackBerry Ltd. has resulted in warnings from U.S. government authorities due to its serious nature.
Zero-trust architecture is being adopted across all assets within network infrastructure—data, cloud, applications. And now, more frequently, developers are seeing zero-trust as a useful security approach for APIs.
A new Android Trojan has been identified by cybersecurity firm Zimperium, which released a report on Monday explaining how the malware has been able to hit more than 10,000 victims in 144 co
A new Android Trojan has been identified by cybersecurity firm Zimperium, which released a report on Monday explaining how the malware has been able to hit more than 10,000 victims in 144 countries.
Threats to web, mobile and API-based apps are developing rapidly and the average time taken to fix them isn't improving, with critical vulnerabilities remaining open on average for 202 days.
A new report from NTT Application Security found that the window of exposure for many companies' vulnerabilities is growing.
Each month in 2021, NTT Application Security has been tracking the state of application security and the threat landscape, paying particular attention to the window of exposure (WoE), vulnerability by class and time to fix.
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others.
Verizon will be working with Google to bring the Rich Communications Service (RCS) standard to Android users in the US starting next year, joining T-Mobile and AT&T which both announced the switch earlier this year.
The revelation that Israeli company NSO Group’s spy software Pegasus was targeting the smartphones of activists, journalists and business executives sent a shockwave through the international press.
Microsoft has now released patches to protect all versions of Windows against the critical PrintNightmare flaw. On Tuesday, the company had deployed fixes to cover most but not all editions of Windows.
The latest zero-day entails an attack chain that allows an unauthenticated intruder to execute code as root and install a permanent backdoor on the vendor’s network-attached storage (NAS) devices. It’s found in all Western Digital NAS devices running the old, no-longer-supported My Cloud 3 operating system.
The cryptocurrency brokerage of Robinhood Markets Inc. expects to pay New York regulators a penalty of at least $10 million for allegedly violating state rules on cybersecurity and anti-money-laundering practices, the company said in filings last week.
For many industries, the pandemic was a time of economic uncertainty, great technological change and reflection about where they and their services fit into a post-COVID reality.
WhiteHat Security published their latest installment of the AppSec Stats Flash report and podcast, surveying the current state of the application security and wider threat landscape.
The cybersecurity industry has become so essential and exciting. What is coming around the corner? What are the concerns we should keep an eye out for?
The report, titled AppSec Stats Flash, shows that utility companies have the widest exposure in their applications vulnerabilities.
A new report from WhiteHat Security has found that the average time taken to fix critical cybersecurity vulnerabilities has increased from 197 days in April 2021 to 205 days in May 2021.
The threat of cyberattacks continues to rise unabated, and Washington is taking urgent notice.
A new report from WhiteHat Security measured the amount of time a sector remained vulnerable to a known application exploit out in the wild, a metric they call an industry’s window of exposure (WoE).
Around 2% of the 1,000 top-grossing apps in the Apple App Store are scams, according to a recent analysis by The Washington Post.