application security – Page 11

GitHub Enterprise Server Gets New Security Capabilities

Posted on August 30, 2023 by Ionut Arghire

GitHub Enterprise Server 3.10 released with additional security capabilities, including support for custom deployment rules.
The post GitHub Enterprise Server Gets New Security Capabilities appeared first on SecurityWeek.
Continue reading GitHub Enterprise Server Gets New Security Capabilities→

Signs of Malware Attack Targeting Rust Developers Found on Crates.io

Posted on August 28, 2023 by Eduard Kovacs

The Crates.io Rust package registry was targeted in preparation of a malware attack aimed at developers, according to Phylum.
The post Signs of Malware Attack Targeting Rust Developers Found on Crates.io appeared first on SecurityWeek.
Continue reading Signs of Malware Attack Targeting Rust Developers Found on Crates.io→

What you need to know about protecting your data across the hybrid cloud

Posted on August 18, 2023 by Edith Mendez

The adoption of hybrid cloud environments driving business operations has become an ever-increasing trend for organizations. The hybrid cloud combines the best of both worlds, offering the flexibility of public cloud services and the security of private on-premises infrastructure. We also see an explosion of SaaS platforms and applications, such as Salesforce or Slack, where […]

The post What you need to know about protecting your data across the hybrid cloud appeared first on Security Intelligence.

Continue reading What you need to know about protecting your data across the hybrid cloud→

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results

Posted on August 17, 2023 by Ryan Naraine

Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.
The post Google Brings AI Magic to Fuzz Testing With Eye-Opening Results appeared first on SecurityWeek.
Continue reading Google Brings AI Magic to Fuzz Testing With Eye-Opening Results→

Gozi strikes again, targeting banks, cryptocurrency and more

Posted on August 17, 2023 by Itzik Chimino

In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other […]

The post Gozi strikes again, targeting banks, cryptocurrency and more appeared first on Security Intelligence.

Continue reading Gozi strikes again, targeting banks, cryptocurrency and more→

Vulnerability management, its impact and threat modeling methodologies

Posted on August 10, 2023 by Gaurang Joshi

Vulnerability management is a security practice designed to avoid events that could potentially harm an organization. It is a regular ongoing process that identifies, assesses, and manages vulnerabilities across all the components of an IT ecosystem. Cybersecurity is one of the major priorities many organizations struggle to stay on top of. There is a huge […]

The post Vulnerability management, its impact and threat modeling methodologies appeared first on Security Intelligence.

Continue reading Vulnerability management, its impact and threat modeling methodologies→

X-Force releases detection & response framework for managed file transfer software

Posted on August 9, 2023 by John Dwyer

How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response […]

The post X-Force releases detection & response framework for managed file transfer software appeared first on Security Intelligence.

Continue reading X-Force releases detection & response framework for managed file transfer software→

Patch Tuesday: Adobe Patches 30 Acrobat, Reader Vulns

Posted on August 8, 2023 by Ryan Naraine

Adobe rolls out a big batch of security updates to fix at least 30 Acrobat and Reader vulnerabilities affecting Windows and macOS users.
The post Patch Tuesday: Adobe Patches 30 Acrobat, Reader Vulns appeared first on SecurityWeek.
Continue reading Patch Tuesday: Adobe Patches 30 Acrobat, Reader Vulns→

Unmasking hypnotized AI: The hidden risks of large language models

Posted on August 8, 2023 by Chenta Lee

The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it’s important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make […]

The post Unmasking hypnotized AI: The hidden risks of large language models appeared first on Security Intelligence.

Continue reading Unmasking hypnotized AI: The hidden risks of large language models→

MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis

Posted on August 2, 2023 by Valentina Palmiotti

The security updates released by Microsoft on April 11, 2023, addressed over 90 individual vulnerabilities. Of particular note was CVE-2023-21554, dubbed QueueJumper, a remote code execution vulnerability affecting the Microsoft Message Queueing (MSMQ) service. MSMQ is an optional Windows component that enables applications to exchange messages via message queues that are reachable both locally and […]

The post MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis appeared first on Security Intelligence.

Continue reading MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis→