What Is the Difference Between Security and Resilience?

Resilience shifts the focus toward eliminating the probable impact of the full attack chain.

Consumers Share Security Fears as Risky Behaviors Persist

While most US adults know they aren't sufficiently protecting their data online, many find security time-consuming or don't know the steps they should take.

TangleBot Campaign Underscores SMS Threat

The attack targets Android devices and starts with a malicious SMS message that aims to bring malware onto compromised devices.

Apple needs to act against fake app-privacy promises

Apple will need to become more aggressive in how it polices the privacy promises developers make when selling apps in the App Store. What can enterprise users do to protect themselves and their users in the meantime?

What’s the problem?

Some developers continue to abuse the spirit of Apple’s App Store Privacy rules. This extends to posting misleading information on App Privacy Labels, along with outright violation of promises not to track devices. Some developers continue to ignore do-not-track requests to exfiltrate device-tracking information.

To read this article in full, please click here

Contrast Application Security Platform Scales to Support OWASP Risks

Contrast's platform detects and prevents against OWASP Top Ten risks from development to production with out-of-the-box policy rules and automated compliance reporting.

Our Eye Is on the SPARROW

How unauthorized users can exploit wireless infrastructures for covert communication.

Endpoint Still a Prime Target for Attack

A vast majority of security professionals surveyed think any exploit will start with the endpoint.

Google Spots New Technique to Sneak Malware Past Detection Tools

The operator behind OpenSUpdater is using a new way to sneak adware and other malware past security tools.

Primer: Microsoft Active Directory Security for AD Admins

Nearly all AD environments are vulnerable to identity attack paths -- a powerful, widespread, and difficult-to-detect attack technique. But we didn't say impossible. Here's how admins can stop them.

FamousSparrow APT Group Flocks to Hotels, Governments, Businesses

The cyber espionage group has a custom backdoor and has added the ProxyLogon Microsoft Exchange flaw to its toolkit.