5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it.…
Category: HelpnetSecurity
DDoS alert traffic reaches record-breaking level of 436 petabits in one day
With over one billion websites worldwide, HTTP/HTTPS application-layer attacks have increased by 487% since 2019, with the most significant surge in the second half of…
Binarly Transparency Platform identifies vulnerabilities and malicious threats in code
Binarly has released the Binarly Transparency Platform, delivering transparency for device supply chains enabling device manufacturers and endpoint protection products to analyze both firmware and…
Rezonate’s new ITDR module empowers security teams to stop active threats in real-time
Rezonate’s ITDR offering detects and responds to active identity threats using both common and sophisticated techniques missed by traditional IAM solutions and endpoint controls. The…
Zigbee PRO 2023 introduces new security mechanisms, feature enhancements
The Connectivity Standards Alliance released Zigbee PRO 2023 of the Zigbee protocol stack. The revision brings several enhancements and new features to the technology, allowing…
HashiCorp Vault vulnerability could lead to RCE, patch today! (CVE-2023-0620)
Oxeye discovered a new vulnerability (CVE-2023-0620) in the HashiCorp Vault Project, an identity-based secrets and encryption management system that controls access to API encryption keys,…
Kodi forum breach: User data, encrypted passwords grabbed
The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did…
GitGuardian Honeytoken helps companies secure their software supply chains
GitGuardian launched its new Honeytoken module, providing intrusion detection, code leakage detection and helping companies secure their software supply chains against attackers targeting Source Control…
Data-backed insights for future-proof cybersecurity strategies
The Qualys Threat Research Unit (TRU) has been hard at work detecting vulnerabilities worldwide, and its latest report is set to shake up the industry.…
Hybrid work environments are stressing CISOs
The impact of the hybrid workforce on security posture, as well as the risks introduced by this way of working, are posing concerns for CISOs…
Threat hunting programs can save organizations from costly security breaches
Cybersecurity threats to organizations are only increasing, not only in number but in scope, according to Team Cymru. The true cost of cyber breaches Proactive…
Microsoft patches zero-day exploited by attackers (CVE-2023-28252)
It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About CVE-2023-28252 CVE-2023-28252 is a…