Applications

Stay up-to-date with the latest security technologies and best practices to secure software applications, identify vulnerabilities, and protect your code from potential threats. As software development accelerates, robust application security is essential to safeguard against exploits and breaches.

  • Millions of MySQL Servers are Publicly Exposed

    More than 3.6 million MySQL servers are publicly exposed on the internet, security researchers noted this week. Shadow Server Foundation researchers reported that they simply issued a MySQL connection request on default port 3306 to see if a server responded with a MySQL Server Greeting, rather than intrusive requests that pentesters use to break into…

  • New Open-source Security Initiative Aimed at Supply Chain Attacks

    Open source software libraries are frequent targets of hackers, who see them as an attractive path for stealing credentials and distributing malware. Hundreds of thousands of software projects depend on these open source packages – and each of these dependencies has its own dependencies, a complex web that some call “dependency hell” – so hackers…

  • Top SD-WAN Solutions for Enterprise Security

    The development of software-defined wide area networking (SD-WAN) has given enterprise administrators flexibility akin to virtualization to manage distributed networks and users globally. Wide area networks have come a long way over the decades, and the introduction of cloud, edge, and virtual workloads only adds to the complexity of managing modern networks. As organizations embrace…

  • Log4j Vulnerability Puts Enterprise Data Lakes and AI at Risk

    The Apache Log4j Log4Shell bug is one of the most critical vulnerabilities in the history of cybersecurity. Hundreds of millions of devices use the Log4j component for various online services, among them government organizations, critical infrastructure, companies and individuals. Actually, pretty much all software uses this library written in Java, so it’s a very widespread…

  • Software Supply Chain: A Risky Time for Dependencies

    The software supply chain is a critical element in the lifecycle of applications and websites. The interdependencies and components common in modern software development can increase the attack surface and sometimes allow hackers to bypass robust security layers you’ve added to your infrastructure. Indeed, only one flaw in the code base can be enough to…

  • Palo Alto Unveils Zero Trust 2.0, Says Current Solutions Inadequate

    Palo Alto Networks says current zero trust solutions don’t go far enough, so today the cybersecurity leader urged the industry to transition to what it’s calling Zero Trust Network Access 2.0 (ZTNA 2.0), an approach that involves continuously reassessing user trust and network traffic. The massive shift to remote work brought on by the pandemic…

  • Getting Started with the Burp Suite: A Pentesting Tutorial

    Burp is one of the top-rated security suites for pentesting and ethical hacking. While there are paid professional and enterprise editions, you can install the community edition for free and even use it directly from Kali Linux. The Burp suite is widely used by security professionals to perform advanced scans and various traffic interceptions (e.g.,…

  • Security Researchers Find Nearly 400,000 Exposed Databases

    Databases contain some of the most critical data in enterprises, so vulnerabilities in them are serious issues. Researchers at Singapore-based cybersecurity company Group-IB recently discovered thousands of databases exposed to the internet that could have been exploited when they were left unprotected. The Attack Surface Management team at Group-IB said it constantly scans the IPv4…

  • MFA Advantages and Weaknesses

    Not everyone adopts multi-factor authentication (MFA) to secure their accounts. Many stick with simple username and password combinations despite the weaknesses of this authentication method. Yet if someone wanted to enable MFA, which option should they use? Each MFA option suffers vulnerabilities and creates user friction, so IT managers need to select the MFA option…

  • Protecting Against the Spring4Shell Vulnerability

    Spring4Shell (CVE-2022-22965) is a remote code execution (RCE) vulnerability that affects Spring Core, a comprehensive framework for Java-based enterprise applications. Spring4Shell gets its name from the Log4Shell vulnerability, one of the most critical zero-day threats ever, which affected a Java software component called Log4j and allowed hackers to take control of web servers and networks.…

Get the free newsletter

Subscribe to Cybersecurity Insider for top news, trends & analysis

This field is required This field is required

IT Security Resources

Top Cybersecurity Companies

See Full List