Browsing: Application Security

From AI hype to operational reality: A practitioner’s framework for securing agentic systems

Art PoghosyanJune 5, 20267 Mins Read

Most organizations already have AI governance discussions underway. They have policies, working groups, acceptable-use guidance, and long lists of principles…

Artificial intelligence and elections: When an election is annulled because of TikTok

Theofanis KasimisJune 1, 20268 Mins Read

On 6 December 2024, the Constitutional Court of Romania took an unprecedented step: it annulled the first round of the…

Threat Actors Deploy Tiflux RMM for Persistent Remote Access

Kirsten DoyleMay 29, 20263 Mins Read

Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM…

How EM is boosting the career trajectory of VM analysts

Katrina ThompsonMay 19, 20266 Mins Read

As organizations shift from vulnerability management (VM) to exposure management (EM), the role of the VM analyst must evolve or…

OpenAI rotates certificates after TanStack supply chain attack hits employee devices

Kirsten DoyleMay 18, 20264 Mins Read

OpenAI has confirmed that two employee devices were compromised in the recent TanStack npm supply chain attack, prompting the company to rotate code-signing certificates…

Microsoft discloses Exchange zero-day with no patch yet available

Kirsten DoyleMay 18, 20263 Mins Read

Microsoft has disclosed a zero-day vulnerability that affects Exchange Server 2016, 2019, and Subscription Edition. This vulnerability would give bad actors an opportunity to…

What to do when your AI’s guardrails fail

Tim FreestoneMay 14, 20266 Mins Read

I want to talk about the Microsoft 365 Copilot bug. Not because it was exceptional, but because what it exposed…

Investigating the aftermath: understanding digital forensics after a cyber incident

Nazy FouladiradMay 7, 20265 Mins Read

Successfully recovering your business from a cyberattack often requires much more than just loading up backups. Although your first instinct…

Microsoft Edge Found Holding Saved Credentials in Plaintext Memory

Kirsten DoyleMay 6, 20263 Mins Read

Security researcher Tom Jøran Sønstebyseter Rønning, posting as @L1v1ng0ffTh3L4N, has revealed that Microsoft Edge decrypts every saved password at startup and holds all of them in…

Visual data is the blind spot in enterprise security: that’s about to change

Danielle KingMay 4, 20267 Mins Read

Most enterprise security teams can tell you exactly how their databases are encrypted. They know who has access to their…