Survey: AppSec Maturity Hindered by Staffing, Budgets, Vulnerabilities
Report highlights the challenges impeding the applications industry from achieving AppSec maturity.
November 2023
‘Elektra-Leak’ Attackers Harvest AWS Cloud Keys in GitHub Campaign
Cyber adversaries are scanning public GitHub repositories in real-time, evading Amazon quarantine controls, and harvesting AWS keys.
20 Years Later, Is Patch Tuesday Enough?
Microsoft's longstanding practice isn't enough to handle its vulnerability problem.
New Index Finds AI Models Are Murky, Not Transparent At All
Despite the growing demand for AI transparency, 10 of the better-known models did not score very highly on Stanford's new…
Google Dynamic Search Ads Abused to Unleash Malware ‘Deluge’
An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless.
What the Bionic Acquisition Can Bring to CrowdStrike
CrowdStrike is moving deeper into application security with its agreement to acquire Bionic, whose ASPM technology proactively scans software in…
Budget Cuts at CISA Could Affect Enterprise Cybersecurity
Politicians are suggesting massive cuts to CISA's budget, threatening its missions to secure federal networks and help critical infrastructure operators…
Biden’s Artificial Intelligence Executive Order Covers Broad Concerns
The executive order is ambitious and seeks to protect a variety of different groups that are most at risk from…
Boeing Breached by Ransomware, LockBit Gang Claims
LockBit gives Boeing a Nov. 2 deadline to pay the ransom or have its sensitive documents leaked to the public,…
UAE Cyber Council Warns of Google Chrome Vulnerability
The country has issued a recommendation to update after a high-risk vulnerability was disclosed last week in the browser.