application security – Page 20

Cloud-native application adoption puts pressure on appsec teams

Posted on January 6, 2023 by Help Net Security

Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native appli… Continue reading Cloud-native application adoption puts pressure on appsec teams→

Predictions 2023: Big Tech’s Coming Security Shopping Spree

Posted on January 5, 2023 by SecurityWeek News

Slack Says Hackers Stole Private Source Code Repositories

Posted on January 5, 2023 by Eduard Kovacs

Enterprise communication and collaboration platform Slack has informed customers that hackers have stolen some of its private source code repositories, but claims impact is limited.
read more Continue reading Slack Says Hackers Stole Private Source Code Repositories→

Malware Delivered to PyTorch Users in Supply Chain Attack

Posted on January 3, 2023 by Ionut Arghire

Last week’s nightly builds of the open source machine learning framework PyTorch were injected with malware following a supply chain attack.
Now part of the Linux Foundation umbrella, PyTorch is based on the Torch library and is used for applications i… Continue reading Malware Delivered to PyTorch Users in Supply Chain Attack→

Netwrix Acquires Remediant for PAM Technology

Posted on December 28, 2022 by Ryan Naraine

Data security software vendor Netwrix has acquired Remediant, an early-stage startup working on technology in the PAM (privileged access management) category.
Financial terms of the acquisition were not disclosed.
read more Continue reading Netwrix Acquires Remediant for PAM Technology→

Twitter is the New Poster Child for Failing at Compliance

Posted on December 28, 2022 by Mike Elgan

All companies have to comply with privacy and security laws. They must also comply with any settlements or edicts imposed by regulatory agencies of the U.S. government. But Twitter now finds itself in a precarious position and appears to be failing to take its compliance obligations seriously. The case is a “teachable moment” for all […]

The post Twitter is the New Poster Child for Failing at Compliance appeared first on Security Intelligence.

Continue reading Twitter is the New Poster Child for Failing at Compliance→

Microsoft Patches Azure Cross-Tenant Data Access Flaw

Posted on December 23, 2022 by Ryan Naraine

Microsoft has silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks.
read more Continue reading Microsoft Patches Azure Cross-Tenant Data Access Flaw→

LastPass Says Password Vault Data Stolen in Data Breach

Posted on December 22, 2022 by Ryan Naraine

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.
read more Continue reading LastPass Says Password Vault Data Stolen in Data Breach→

Okta Source Code Stolen by Hackers

Posted on December 22, 2022 by Eduard Kovacs

Identity and access management solutions provider Okta this week informed customers that some of the company’s source code was stolen recently from its GitHub repositories.
read more Continue reading Okta Source Code Stolen by Hackers→

FoxIt Patches Code Execution Flaws in PDF Tools

Posted on December 19, 2022 by Ryan Naraine

Foxit Software has rolled out a critical-severity patch to cover a dangerous remote code execution flaw in its flagship PDF Reader and PDF Editor products.
read more Continue reading FoxIt Patches Code Execution Flaws in PDF Tools→