Category: Security Boulevard

These women are innovating in the cybersecurity field. How many of them do you know? The post The 10 Women in Cybersecurity You Need to Follow appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read…

Read more →

In August 2023, Russian threat actors targeted several government agencies worldwide with Microsoft Teams phishing attacks. Many of these attacks were successful because unsuspecting users fell for the lures set by the attackers—emails purporting to be from trusted senders. Unfortunately,…

Read more →

HSM Integration refers to the process of incorporating a Hardware Security Module (HSM) into an organization’s IT and security infrastructure. HSMs are physical devices designed to secure digital keys and perform cryptographic operations, such as encryption, decryption, and digital signing,…

Read more →

Authors/Presenters: *Zhaohan Xi, Tianyu Du, Changjiang Li, Ren Pang, Shouling Ji, Xiapu Luo, Xusheng Xiao, Fenglong Ma and Ting Wang* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open…

Read more →

The Akira ransomware has been around for just more than a year, but has caused its share of damage, racking up more than 250 victims and pulling in about $42 million in ransom, according to law enforcement and cybersecurity agencies…

Read more →

A new book by Alan Shark offers an excellent guide and an AI road map for state and local governments. He answers basic questions that public-sector leaders are asking in 2024.    The post Review: ‘Artificial Intelligence — A Primer…

Read more →

Mobile application security testing is a critical aspect of modern software development, driven by the widespread use of mobile devices in our daily lives, which store vast amounts of personal data like photos, email access, social media accounts, and payment…

Read more →

Authors/Presenters: *Quan Yuan, Zhikun Zhang, Linkang Du, Min Chen, Peng Cheng, Mingyang Sun* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated…

Read more →

Vaguely relevant but very cyber image from Dall-E One pattern I spotted after looking at the evolution of IT and security organizations over the years, including my time at Gartner is: change is hard, but transformation is harder. Perhaps it is an…

Read more →

The takedown this week of a massive phishing-as-a-service (PhaaS) operation spanned law enforcement agencies from both sides of the Atlantic and is the latest example of an increasingly aggressive approach by authorities to disrupt the operations of high-profile cybercriminal gangs.…

Read more →

Authors/Presenters: *Cheng-Long Wang, Mengdi Huai, Di Wang* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via…

Read more →

Security testing allows you to evaluate the robustness of applications and systems and identify potential weaknesses that attackers may exploit. DAST and fuzzing are two popular, important, and proven security testing methods. DAST (dynamic application security testing) searches for security…

Read more →

Did you know that the total number of data breaches more than tripled between 2013 and 2022?  These breaches exposed 2.6 billion personal records in the past two years alone… The post Scaling Application Security With Application Security Posture Management…

Read more →

See how a SafeBreach Labs researcher bypassed the anti-tampering mechanism of a leading EDR to execute malicious code within one of the EDR’s own processes and altered the mechanism to gain unique, persistent, and fully undetectable capabilities. The post The…

Read more →

In light of cookie stealing attacks and to ensure Chrome browser protection, Google has recently piloted its new Chrome DBSC. The device-bound session credentials (DBSC) are aimed at protecting users against cookie theft that threat actors may carry out using…

Read more →

PHP Extended Lifecycle Support (ELS) allows you to continue using older versions of PHP while still receiving security updates for the language, without introducing breaking changes to your application. The first and obvious question might be, “Why would I want…

Read more →

The world advances based on innovation, and innovation can come from anywhere. The trouble is that the current capitalist economic system encourages large corporations to play conservatively with their products and their budgets while working to secure their own positions…

Read more →

In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development. The post Vulnerabilities for AI and ML Applications…

Read more →

Given the widespread use of third-party components in application development, identifying and remediating code vulnerabilities as early in development as possible is critical. As a result, many organizations turn to SCA tools, however traditional ones often deliver superficial code analysis…

Read more →

<a class=” sqs-block-image-link ” href=”https://xkcd.com/2921/” rel=”noopener” target=”_blank”> <img alt=”” height=”674″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/b0b4c940-efc2-4c4f-bcf2-fa6a434060e6/eclipse_path_maps.png?format=1000w” width=”562″ /> </a><figcaption class=”image-caption-wrapper”> via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Eclipse Path Maps’ appeared first on…

Read more →