Application and platform security
Applications and platform security is the basis of preventing vulnerabilities and attacks. Learn the latest about applications attacks, secure software development, patch management, OS security, virtualization, open source security, API security, web app and server security and more.
Top Stories
-
News
26 Jul 2024
Researcher says deleted GitHub data can be accessed 'forever'
Truffle Security researcher John Leon warned GitHub users that deleted repository data is never actually deleted, which creates an "enormous attack vector" for threat actors. Continue Reading
-
News
26 Jul 2024
CrowdStrike: 97% of Windows sensors back online after outage
While most Windows systems are back online after last week's outage, CrowdStrike CEO George Kurtz said the vendor remains 'committed to restoring every impacted system.' Continue Reading
-
Definition
09 Dec 2021
OCSP (Online Certificate Status Protocol)
OCSP (Online Certificate Status Protocol) is one of two common schemes used to maintain the security of a server and other network resources. Continue Reading
-
News
07 Dec 2021
Cambridge Quantum delivers first quantum encryption keys
Cambridge Quantum, newly merged with Honeywell's Quantum Solutions division, has debuted the first as-a-service cryptographic key generator for quantum computing. Continue Reading
-
News
01 Dec 2021
BlackByte ransomware attacks exploiting ProxyShell flaws
Red Canary said BlackByte's campaign is using wormable ransomware against organizations vulnerable to ProxyShell flaws in Microsoft Exchange. Continue Reading
-
News
30 Nov 2021
Windows Installer zero-day under active exploitation
McAfee said the Windows Installer vulnerability is being exploited in 23 countries around the world, including the United States, China, India and others. Continue Reading
-
News
23 Nov 2021
Researcher drops instant admin Windows zero-day bug
A newly-disclosed zero-day vulnerability in Windows could potentially allow local users to elevate their permissions to administrator status, and Microsoft has yet to post a fix. Continue Reading
-
Definition
23 Nov 2021
cookie poisoning
Cookie poisoning is a type of cyber attack in which a bad actor hijacks, forges, alters or manipulates a cookie to gain unauthorized access to a user's account, open a new account in the user's name or steal the user's information for purposes such as identity theft. Continue Reading
-
Guest Post
16 Nov 2021
3 ways to balance app innovation with app security
New innovations come with an onslaught of risks and vulnerabilities. Use these three concepts to promote innovation, while ensuring web application security. Continue Reading
-
News
15 Nov 2021
Microsoft releases out-of-band update for Windows Server
Less than a week after November's Patch Tuesday, Microsoft released an unscheduled security update for Windows Server to address an authentication vulnerability. Continue Reading
-
News
09 Nov 2021
Medical devices at risk from Siemens Nucleus vulnerabilities
Thirteen bugs, including a critical security flaw, have been patched in the Siemens Nucleus TCP/IP stack, a vital component for millions of connected medical devices. Continue Reading
-
Definition
05 Nov 2021
cross-site scripting (XSS)
Cross-site scripting (XSS) is a type of injection attack in which a threat actor inserts data, such as a malicious script, into content from otherwise trusted websites. Continue Reading
-
Definition
05 Nov 2021
cache poisoning
Cache poisoning is a type of cyber attack in which attackers insert fake information into a domain name system (DNS) cache or web cache for the purpose of harming users. Continue Reading
-
News
03 Nov 2021
CISA requires agencies to patch nearly 300 vulnerabilities
The Cybersecurity and Infrastructure Security Agency issued a directive for government agencies that requires patching for hundreds of known software security vulnerabilities. Continue Reading
-
News
02 Nov 2021
Trojan Source bugs enable 'invisible' source code poisoning
A pair of flaws in nearly every popular programming language enables attackers to hide malicious code in plain sight without the ability to be detected prior to compiling. Continue Reading
-
Feature
28 Oct 2021
Amid explosive growth, API security a growing concern
APIs are expanding exponentially across the technology landscape and creating a vast attack surface that enterprise security teams are struggling to understand and defend. Continue Reading
-
Guest Post
28 Oct 2021
Applying security to operating models requires collaboration
Balancing business needs with security is more important than ever. Integrating operating models with reference architectures is a key step in the process. Continue Reading
-
Definition
25 Oct 2021
payload (computing)
In computing, a payload is the carrying capacity of a packet or other transmission data unit. Continue Reading
-
Definition
21 Oct 2021
script kiddie
Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of internet security weaknesses. Continue Reading
-
News
08 Oct 2021
Admins: Patch management is too complex and cumbersome
A new survey from Ivanti shows a majority of administrators and infosec professionals feel the shift to decentralized workspaces has made patch management an even bigger headache. Continue Reading
-
Definition
08 Oct 2021
cryptographic nonce
A nonce is a random or semi-random number that is generated for a specific use. Continue Reading
-
Guest Post
04 Oct 2021
5 principles for AppSec program maturity
Applications remain a top cause of external data breaches. Follow these five principles to achieve application security program maturity. Continue Reading
-
Definition
01 Oct 2021
IP spoofing
Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from. Continue Reading
-
News
30 Sep 2021
FireEye and McAfee Enterprise announce product mashup
Merger-happy investment firm STG has let slip that it will integrate the product lines of McAfee Enterprise and FireEye. Analysts say it will be a challenging road ahead. Continue Reading
-
Feature
30 Sep 2021
6 reasons unpatched software persists in the enterprise
Patching is like flossing -- everyone knows they should do it, yet too few do it often and well. Explore why unpatched software is still ubiquitous, despite the risks. Continue Reading
-
News
28 Sep 2021
Microsoft releases emergency Exchange Server mitigation tool
Microsoft turned its attention to organizations that are slower to patch by releasing an emergency mitigation tool as a temporary fix against current threats. Continue Reading
-
News
20 Sep 2021
Microsoft details 'OMIGOD' Azure vulnerability fixes, threats
Microsoft fixed the open source OMI software during last week's Patch Tuesday, but the tech giant has struggled to get the updated agents to Azure customers. Continue Reading
-
News
15 Sep 2021
‘OMIGOD’ vulnerabilities put Azure customers at risk
OMI, the software agent at the center of a remote code execution flaw, is "just one example" of silent, pre-installed software in cloud environments, according to one researcher. Continue Reading
-
News
14 Sep 2021
Google patches actively exploited Chrome zero-days
Two more vulnerabilities in Google's web browser joined a growing list of Chrome zero-days that have been actively exploited in the wild this year. Continue Reading
-
News
09 Sep 2021
'Azurescape': New Azure vulnerability fixed by Microsoft
The Azure Container Instances vulnerability would have allowed malicious actors to execute code on other customers' containers, but there have been no reports of exploitation. Continue Reading
-
News
07 Sep 2021
ProxyShell attacks ramping up on unpatched Exchange Servers
Security experts say active attacks on the series of Microsoft Exchange Server flaws, which can be chained to take control of servers, are already being launched in the wild. Continue Reading
-
News
01 Sep 2021
Atlassian Confluence flaw under active attack
Administrators are advised to patch immediately after security experts confirmed mass scanning and exploits against a critical remote code execution vulnerability. Continue Reading
-
News
30 Aug 2021
New 'ProxyToken' Exchange Server vulnerability disclosed
The Exchange Server vulnerability could allow an attacker 'to copy all emails addressed to a target and account and forward them to an account controlled by the attacker.' Continue Reading
-
News
27 Aug 2021
Researchers discover critical flaw in Azure Cosmos DB
Wiz security researchers found a new attack vector in Microsoft Azure, which if exploited could allow an attacker to gain access to customers primary keys. Continue Reading
-
Guest Post
27 Aug 2021
How to navigate cybersecurity product coverage
Cybersecurity tools are complex. It can be difficult for organizations to know which tools do what, and which tools they need -- or don't. Continue Reading
-
News
26 Aug 2021
Microsoft finally issues ProxyShell security advisory
The ProxyShell advisory includes a call to patch, as well as details on which Exchange servers are vulnerable. In short: Those without the May security update are unprotected. Continue Reading
-
Podcast
26 Aug 2021
Risk & Repeat: ProxyShell problems mount
CISA warned threat actors have begun exploiting the dangerous ProxyLogon flaws, but tens of thousands of vulnerable Microsoft Exchange servers remain online. Continue Reading
-
News
25 Aug 2021
Bugs aplenty as VMware, Cisco and F5 drop security updates
Two critical updates from Cisco, remote code execution flaws in F5's Big-IP, and a half-dozen VMware security holes are among the more pressing issues for admins to address. Continue Reading
-
News
23 Aug 2021
CISA: ProxyShell flaws being actively exploited, patch now
Security researchers weighed in with evidence of ProxyShell exploitation by threat actors using malicious web shells and a new ransomware variant called 'LockFile.' Continue Reading
-
News
17 Aug 2021
Many Exchange servers still vulnerable to ProxyLogon, ProxyShell
Tens of thousands of Exchange servers are still vulnerable to ProxyLogon and ProxyShell, and security researchers estimate honeypots represent only a small slice of those systems. Continue Reading
-
News
13 Aug 2021
New ransomware crew hammers on PrintNightmare bugs
PrintNightmare, the Microsoft print spooler flaws patched in July, is the favorite target for a new ransomware group known as Vice Society, according to Cisco Talos. Continue Reading
-
News
12 Aug 2021
Microsoft discloses new print spooler flaw without patch
The latest flaw in Windows print spooler software, which has yet to be patched, comes weeks after the PrintNightmare vulnerability and other related bugs. Continue Reading
-
Tip
11 Aug 2021
Cloud-native security benefits and use cases
'Cloud native' has described applications and services for years, but its place in security is less clear. Get insight into cloud-native security from expert Dave Shackleford. Continue Reading
-
Tip
10 Aug 2021
11 video conferencing security and privacy best practices
Video conferencing tools are a remote worker's lifeline. As such, it is essential to maintain their security. These 11 best practices will help ensure secure, private, video-enabled meetings. Continue Reading
-
News
05 Aug 2021
Mandiant: Microsoft 365 the 'Holy Grail' for nation-state hackers
Mandiant researchers discussed mailbox compromises, app registration abuse and new extensions of the Golden SAML attack technique against Microsoft 365 at Black Hat 2021. Continue Reading
-
Definition
30 Jul 2021
DOS (disk operating system)
A DOS, or disk operating system, is an operating system that runs from a disk drive. The term can also refer to a particular family of disk operating systems, most commonly MS-DOS, an acronym for Microsoft DOS. Continue Reading
-
Definition
28 Jul 2021
buffer overflow
A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Continue Reading
-
News
27 Jul 2021
Open source web app projects hailed for quickly patching bugs
Nine vulnerabilities in three popular open source SMB tools were cleaned up within 24 hours after Rapid7 reported the flaws to their development teams. Continue Reading
-
News
21 Jul 2021
U.K. man arrested in connection with 2020 Twitter breach
A 22-year-old U.K. resident was arrested in Spain and will face extradition on charges related to a social engineering operation that netted big-name Twitter accounts. Continue Reading
-
News
21 Jul 2021
Hackers embrace 5-day workweeks, unpatched vulnerabilities
Bad guys are taking the weekends off too, according to Barracuda Networks, and old bugs that should have been patched months ago continue to be the most-targeted vulnerabilities. Continue Reading
-
Answer
15 Jul 2021
How to prevent software piracy
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
-
News
14 Jul 2021
Microsoft's 'PrintNightmare' lingers, requires new patches
July's Patch Tuesday update includes critical fixes, but one well-known remote code execution bug might remain open for those with specific registry key settings. Continue Reading
-
News
13 Jul 2021
Why patching vulnerabilities is still a problem, and how to fix it
Patching is still a struggle for many organizations, and challenges include limited resources, technical debt, decentralized infrastructure and much more. Continue Reading
-
Feature
30 Jun 2021
Common Linux vulnerabilities admins need to detect and fix
Server admins need to prepare for a variety of common Linux vulnerabilities, from software and hardware vulnerabilities to employee-created ones and even digital espionage. Continue Reading
-
Feature
30 Jun 2021
How to implement Linux security best practices
When setting up security for a company's infrastructure, admins need to focus on backups, patch management and regular vulnerability scans. Continue Reading
-
News
24 Jun 2021
Atlassian moves to lock down accounts from takeover bugs
Check Point Research uncovered a set of flaws that, if chained together, would have enabled attackers to hijack accounts with single sign-on enabled. Continue Reading
-
News
24 Jun 2021
Dell BIOSConnect flaws affect 30 million devices
Eclypsium researchers discovered vulnerabilities that, if exploited, can allow remote code execution in a pre-boot environment for 128 different Dell products. Continue Reading
-
Definition
23 Jun 2021
proxy firewall
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. Continue Reading
-
News
15 Jun 2021
Apple issues patches for two more WebKit zero-days
Apple said both WebKit zero-days, which affect older iOS devices, have reportedly been exploited in the wild, but further details about the threat activity are unknown. Continue Reading
-
Feature
27 May 2021
Apiiro wins RSA Conference Innovation Sandbox Contest
Apiiro's automated Code Risk Platform analyzes enterprise software for material changes that can lead to security vulnerabilities, data exposures and compliance risks. Continue Reading
-
Answer
13 May 2021
What's the difference between sandboxes vs. containers?
Understanding the differences between sandboxes vs. containers for security can help companies determine which best suits their particular use cases. Continue Reading
-
Tip
13 May 2021
Container vs. VM security: Which is better?
Security professionals often compare containers vs. VMs when determining whether virtualization or containerization is better for their company's security strategy. Continue Reading
-
Definition
07 May 2021
session key
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers. Continue Reading
-
News
06 May 2021
Popular mobile apps leaking AWS keys, exposing user data
Security researchers at CloudSek discovered approximately 40 popular mobile apps contained hardcoded API secret keys, putting both user information and corporate data at risk. Continue Reading
-
Feature
29 Apr 2021
Learn how to mitigate container security issues
The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods. Continue Reading
-
Feature
29 Apr 2021
Adopting containers and preventing container security risks
When it comes to container security risks, organizations often worry about container escapes, but as expert Liz Rice explains, they should focus on prevention and patching. Continue Reading
-
Feature
27 Apr 2021
Applying web application reconnaissance to offensive hacking
Learn how to apply web application reconnaissance fundamentals to improve both offensive and defensive hacking skills in an excerpt of 'Web Application Security' by Andrew Hoffman. Continue Reading
-
Feature
27 Apr 2021
Collaboration is key to a secure web application architecture
Author Andrew Hoffman explains the importance of a secure web application architecture and how to achieve it through collaboration between software and security engineers. Continue Reading
-
News
21 Apr 2021
Hackers exploit 3 SonicWall zero-day vulnerabilities
SonicWall patched the zero-day vulnerabilities earlier this month, but the security vendor didn't disclose they were being exploited until Tuesday. Continue Reading
-
News
13 Apr 2021
NSA finds new Exchange Server vulnerabilities
Microsoft said it has not seen the new Exchange Server vulnerabilities being used in attacks against customers, but customers are still advised to patch immediately. Continue Reading
-
News
13 Apr 2021
McAfee: PowerShell threats grew 208% in Q4 2020
McAfee's latest threat report showed a sharp increase in PowerShell threats between Q3 and Q4 2020, in part due to malware known as Donoff and a rise in ransomware detections. Continue Reading
- Definition 08 Apr 2021
-
News
25 Mar 2021
Black Kingdom ransomware foiled through Mega password change
The Black Kingdom ransomware targeting Exchange servers uses an unusual encryption key method that was foiled due to a password being changed at cloud storage service Mega. Continue Reading
-
News
23 Mar 2021
'Black Kingdom' ransomware impacting Exchange servers
Both ransomware and scareware variants of Black Kingdom have been reported in attacks against vulnerable Exchange servers, but the reason for this remains unclear. Continue Reading
-
News
16 Mar 2021
RiskIQ: 69,548 Microsoft Exchange servers still vulnerable
Security intelligence vendor RiskIQ found that 69,548 servers remained unpatched as of Sunday and are vulnerable to attacks, with nearly 17,000 servers located in the U.S. Continue Reading
-
News
08 Mar 2021
Microsoft releases tools as Exchange Server attacks increase
Microsoft said it's seen increased Exchange Server attacks, as well as more threat actors beyond the Chinese state-sponsored Hafnium group conducting attacks. Continue Reading
-
News
03 Mar 2021
Microsoft Exchange Server zero-days exploited in the wild
Both the Cybersecurity and Infrastructure Security Agency and National Security Agency advise patching the Exchange Server zero-days immediately. Continue Reading
-
Feature
22 Feb 2021
Why developers should consider automated threat modeling
Traditional threat modeling is hard. Can automated threat modeling make development and security teams' lives easier? Continue Reading
-
Feature
22 Feb 2021
Introducing development teams to threat modeling in SDLC
Enterprises can improve their security posture by educating development teams on threat modeling so they can work alongside security teams and everyone knows a common language. Continue Reading
-
News
10 Feb 2021
Researcher used open source supply chain to breach tech giants
Security researcher Alex Birsan breached several major tech companies, including Microsoft and Apple, through a novel technique that manipulated open source supply chains. Continue Reading
-
News
02 Feb 2021
How a social engineering campaign fooled infosec researchers
Impersonation tactics in social engineering attacks have become so elaborate that even highly aware members of the infosec community can fall victim to them. Continue Reading
-
Quiz
22 Dec 2020
Quiz: Web application security threats and vulnerabilities
Applications are still the biggest attack vector for malicious actors -- can you protect them? Test your knowledge with this web application security quiz. Continue Reading
-
Guest Post
08 Dec 2020
5 myths about putting security into CI/CD pipelines
Companies looking to introduce security testing earlier into software development must look past myths and understand what to realistically expect before creating their strategy. Continue Reading
-
News
08 Dec 2020
Forescout reports 33 new TCP/IP vulnerabilities
The lack of consistent updates (and the open source nature of the stacks) make the Amnesia:33 vulnerabilities difficult to fix as well as make it difficult to comprehend the full impact. Continue Reading
-
News
08 Dec 2020
Salesforce advised users to skip Chrome browser updates
Salesforce recommended users dealing with mixed content issues to skip Chrome upgrades or roll back to older versions of the browser, but the vendor later removed those steps. Continue Reading
-
Tip
24 Nov 2020
Weighing remote browser isolation benefits and drawbacks
Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost challenges before investing in the zero-trust approach. Continue Reading
-
Tip
17 Nov 2020
Choosing between proxy vs. API CASB deployment modes
Curious how to choose the right CASB deployment mode for your organization? Before you buy, compare how proxy vs. API CASB architectures work to secure SaaS applications. Continue Reading
-
Feature
15 Oct 2020
The Ghidra Book interview with co-author Kara Nance
Ghidra has had a huge impact on the reverse-engineering community. Kara Nance, co-author of The Ghidra Book, discusses this impact as the open source tool has evolved. Continue Reading
-
Feature
29 Sep 2020
Oversee apps with these 3 application security testing tools
Unsecured applications can have dire consequences for enterprises. Discover how top app security testing tools on the market today protect apps and enhance developer productivity. Continue Reading
-
News
24 Sep 2020
Microsoft detects Netlogon vulnerability exploitation in the wild
While Microsoft released a patch last month for the Netlogon flaw, the company said it detected threat actors using exploits for the critical vulnerability. Continue Reading
-
Feature
18 Sep 2020
Security for SaaS applications starts with collaboration
Following established best practices helps enterprises facilitate collaboration and communication through SaaS applications while simultaneously ensuing secure SaaS use. Continue Reading
-
News
17 Sep 2020
Maze ransomware gang uses VMs to evade detection
A Sophos investigation into a Maze ransomware attack revealed that threat actors borrowed an attack technique pioneered by Ragnar Locker operators earlier this year. Continue Reading
-
Tip
15 Sep 2020
3 steps to secure codebase updates, prevent vulnerabilities
Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe. Continue Reading
-
News
25 Aug 2020
'Meow' attacks top 25,000 exposed databases, services
One month after the notorious 'meow' attacks were first detected, the threat to misconfigured databases exposed on the internet shows little sign of slowing down. Continue Reading
-
News
18 Aug 2020
Apache Struts vulnerabilities allow remote code execution, DoS
The Apache Software Foundation issued security advisories last week for two Apache Struts vulnerabilities that were originally patched but not fully disclosed last fall. Continue Reading
-
Feature
18 Aug 2020
'Secure by Design' principles include failures, exceptions
Using design principles with built-in security, along with properly defining exceptions, can help developers not only build safe code, but do so while meeting deadlines. Continue Reading
-
Feature
18 Aug 2020
Exception handling best practices call for secure code design
Making software secure by design requires tremendous consideration about how failures are handled. Learn more from these exception handling examples. Continue Reading
-
News
12 Aug 2020
Kaspersky reveals 2 Windows zero-days from failed attack
Kaspersky prevented an attack against a South Korean company back in May that used two zero-day vulnerabilities. One, arguably the more dangerous, focused on Internet Explorer. Continue Reading
-
News
07 Aug 2020
10 years after Stuxnet, new zero-days discovered
A decade after Stuxnet, SafeBreach Labs researchers discovered new zero-day vulnerabilities connected to the threat, which they unveiled at Black Hat USA 2020. Continue Reading
-
News
07 Aug 2020
Not just politics: Disinformation campaigns hit enterprises, too
In her Black Hat USA 2020 keynote, Renée DiResta of the Stanford Internet Observatory explains how nation-state hackers have launched 'reputational attacks' against enterprises. Continue Reading
-
Opinion
03 Aug 2020
The case for cybersecurity by design in application software
Security must be part of IT from the start and then continue through the entire product lifecycle -- design, build, release and maintenance. Consumers now demand it. Continue Reading
-
Tip
03 Aug 2020
How to shift from DevOps to DevSecOps
A successful DevSecOps rollout requires software developers to be equipped with the proper security skills and tools. Learn how to transition smoothly from DevOps to DevSecOps. Continue Reading