Applications

The latest security technology and best practices to secure software applications, vulnerabilities and code.

  • CISA Urges Exchange Online Authentication Update

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is recommending that government agencies and private organizations that use Microsoft’s Exchange cloud email platform migrate users and applications to Modern Auth before Basic Auth is deprecated in October. CISA noted that Basic authentication is simple and pretty convenient but unsecured by design. It’s relatively easy for… Read more

  • Kubernetes Security Issues: Nearly a Million Instances Exposed on Internet

    Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet. Cyble researchers detected misconfigured Kubernetes instances that could expose hundreds of thousands of organizations. The researchers found a number of indicators of exposure in the open source container orchestration platform: KubernetesDashboard Kubernetes-master Kubernetes Kube K8 Favicon:2130463260, -1203021870 The threat-hunting exercise… Read more

  • Cybersecurity Agencies Release Guidance for PowerShell Security

    PowerShell is one of the most common tools used by hackers in “living off the land” attacks, when malicious actors use an organization’s own tools against itself. This week, U.S. cybersecurity agencies joined their counterparts in the UK and New Zealand to offer guidance so organizations can use PowerShell safely. PowerShell is a command line… Read more

  • Microsoft 365 Research Highlights Cloud Vulnerabilities

    In a sequence that suggests cloud services may be more vulnerable than many think, Proofpoint researchers have demonstrated how hackers could take over Microsoft 365 accounts to ransom files stored on SharePoint and OneDrive. Microsoft services are widely used in enterprises for cloud-based collaboration, and the Proofpoint research report revealed that cloud infrastructures are not… Read more

  • How to Prevent Software Supply Chain Attacks

    Software supply chain attacks present an increasingly worrying threat. According to a recent BlueVoyant study, an impressive 97 percent of companies surveyed have been negatively impacted by a security breach in their supply chain, and 38 percent said they have no way of knowing about any potential issues with a third-party supplier’s cybersecurity. Ankur Shah,… Read more

  • Millions of MySQL Servers are Publicly Exposed

    More than 3.6 million MySQL servers are publicly exposed on the internet, security researchers noted this week. Shadow Server Foundation researchers reported that they simply issued a MySQL connection request on default port 3306 to see if a server responded with a MySQL Server Greeting, rather than intrusive requests that pentesters use to break into… Read more

  • New Open-source Security Initiative Aimed at Supply Chain Attacks

    Open source software libraries are frequent targets of hackers, who see them as an attractive path for stealing credentials and distributing malware. Hundreds of thousands of software projects depend on these open source packages – and each of these dependencies has its own dependencies, a complex web that some call “dependency hell” – so hackers… Read more

  • Top SD-WAN Solutions for Enterprise Security

    The development of software-defined wide area networking (SD-WAN) has given enterprise administrators flexibility akin to virtualization to manage distributed networks and users globally. Wide area networks have come a long way over the decades, and the introduction of cloud, edge, and virtual workloads only adds to the complexity of managing modern networks. As organizations embrace… Read more

  • Log4j Vulnerability Puts Enterprise Data Lakes and AI at Risk

    The Apache Log4j Log4Shell bug is one of the most critical vulnerabilities in the history of cybersecurity. Hundreds of millions of devices use the Log4j component for various online services, among them government organizations, critical infrastructure, companies and individuals. Actually, pretty much all software uses this library written in Java, so it’s a very widespread… Read more

  • Software Supply Chain: A Risky Time for Dependencies

    The software supply chain is a critical element in the lifecycle of applications and websites. The interdependencies and components common in modern software development can increase the attack surface and sometimes allow hackers to bypass robust security layers you’ve added to your infrastructure. Indeed, only one flaw in the code base can be enough to… Read more

IT Security Resources

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis