application security – Page 4

PixPirate: The Brazilian financial malware you can’t see

Posted on January 28, 2024 by Nir Somech

Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a […]

The post PixPirate: The Brazilian financial malware you can’t see appeared first on Security Intelligence.

Continue reading PixPirate: The Brazilian financial malware you can’t see→

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise

Posted on January 12, 2024 by Ionut Arghire

Researchers detail a CI/CD attack leading to PyTorch releases compromise via GitHub Actions self-hosted runners.
The post New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise appeared first on SecurityWeek.
Continue reading New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise→

Top 2024 AppSec predictions

Posted on January 8, 2024 by Help Net Security

In this Help Net Security video, Shahar Man, CEO of Backslash Security, offers his top three AppSec predictions for 2024, uncovering future trends.
The post Top 2024 AppSec predictions appeared first on Help Net Security.
Continue reading Top 2024 AppSec predictions→

The dynamic relationship between AI and application development

Posted on January 4, 2024 by Help Net Security

In this Help Net Security video, Greg Ellis, General Manager, Application Security, at Digital.ai, discusses how artificial intelligence is revolutionizing the way applications are developed and redefining the possibilities within the tech industry.
Th… Continue reading The dynamic relationship between AI and application development→

Aqua Security Scores $60M Series E Funding

Posted on January 3, 2024 by Ryan Naraine

Late-stage player in the CNAPP space secures a $60 million extended Series E funding round at a valuation north of $1 billion.
The post Aqua Security Scores $60M Series E Funding appeared first on SecurityWeek.
Continue reading Aqua Security Scores $60M Series E Funding→

SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe

Posted on January 3, 2024 by Ryan Naraine

SentinelOne plans to acquire PingSafe in a cash-and-stock deal that adds cloud native application protection platform (CNAPP) technologies.
The post SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe appeared first on SecurityWeek.
Continue reading SentinelOne Snaps up Seed-Stage CNAPP Startup PingSafe→

Wiz and Apiiro partner to provide context-driven security from code to cloud

Posted on December 19, 2023 by Mirko Zorz

Apiiro, a leading application security posture management (ASPM) solution, today announced its partnership with Wiz, the leading cloud security company and Cloud Native Application Protection Platform (CNAPP) provider. By joining Wiz Integrations (WIN)… Continue reading Wiz and Apiiro partner to provide context-driven security from code to cloud→

Web injections are back on the rise: 40+ banks affected by new malware campaign

Posted on December 19, 2023 by Tal Langus

Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript […]

The post Web injections are back on the rise: 40+ banks affected by new malware campaign appeared first on Security Intelligence.

Continue reading Web injections are back on the rise: 40+ banks affected by new malware campaign→

NSA Issues Guidance on Incorporating SBOMs to Improve Cybersecurity

Posted on December 18, 2023 by Ionut Arghire

NSA has published guidance to help organizations incorporate SBOM to mitigate supply chain risks.
The post NSA Issues Guidance on Incorporating SBOMs to Improve Cybersecurity appeared first on SecurityWeek.
Continue reading NSA Issues Guidance on Incorporating SBOMs to Improve Cybersecurity→

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle

Posted on December 12, 2023 by Ryan Naraine

Adobe warned users on both Windows and macOS systems about exposure to code execution, memory leaks and denial-of-service security issues.
The post Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle appeared first on SecurityWeek.
Continue reading Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle→