Application Security - Security Boulevard https://securityboulevard.com/category/blogs/application-security/ The Home of the Security Bloggers Network Thu, 28 Mar 2024 16:19:20 +0000 en-US hourly 1 https://wordpress.org/?v=6.4.3 https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1-32x32.png Application Security - Security Boulevard https://securityboulevard.com/category/blogs/application-security/ 32 32 133346385 Checkmarx Aligns With Wiz to Improve Application Security https://securityboulevard.com/2024/03/checkmarx-aligns-with-wiz-to-improve-application-security/ Thu, 28 Mar 2024 16:19:20 +0000 https://securityboulevard.com/?p=2013287 Checkmarx CNAPP cloud security palo alto networks Deloitte Broadcom report cloud security threat

Checkmarx has integrated its platform for securing application development environments with Wiz's CNAPP.

The post Checkmarx Aligns With Wiz to Improve Application Security appeared first on Security Boulevard.

]]> 2013287 SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery  https://securityboulevard.com/2024/03/sccm-exploitation-account-compromise-through-automatic-client-push-ad-system-discovery/ https://securityboulevard.com/2024/03/sccm-exploitation-account-compromise-through-automatic-client-push-ad-system-discovery/#respond Thu, 28 Mar 2024 12:25:00 +0000 https://www.guidepointsecurity.com/?p=28183 Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account […]

The post SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery  appeared first on Security Boulevard.

]]> https://securityboulevard.com/2024/03/sccm-exploitation-account-compromise-through-automatic-client-push-ad-system-discovery/feed/ 0 2013366 Telegram Privacy Nightmare: Don’t Opt In to P2PL https://securityboulevard.com/2024/03/telegram-privacy-nightmare-p2pl-richixbw/ Tue, 26 Mar 2024 17:29:25 +0000 https://securityboulevard.com/?p=2012982 Scary skeletons

Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service.

The post Telegram Privacy Nightmare: Don’t Opt In to P2PL appeared first on Security Boulevard.

]]> 2012982 ChatGPT Plugin Security Vulnerabilities Exploited By Hackers https://securityboulevard.com/2024/03/chatgpt-plugin-security-vulnerabilities-exploited-by-hackers/ https://securityboulevard.com/2024/03/chatgpt-plugin-security-vulnerabilities-exploited-by-hackers/#respond Tue, 26 Mar 2024 07:00:46 +0000 https://tuxcare.com/?p=16728 In the realm of cybersecurity, constant vigilance is paramount as threat actors perpetually seek novel ways to exploit vulnerabilities. Recent research has shed light on a concerning trend: the potential misuse of third-party plugins associated with OpenAI’s ChatGPT platform. These ChatGPT plugin security vulnerabilities, intended to enhance user experience and functionality, have inadvertently become a […]

The post ChatGPT Plugin Security Vulnerabilities Exploited By Hackers appeared first on TuxCare.

The post ChatGPT Plugin Security Vulnerabilities Exploited By Hackers appeared first on Security Boulevard.

]]> https://securityboulevard.com/2024/03/chatgpt-plugin-security-vulnerabilities-exploited-by-hackers/feed/ 0 2013004 Linux Kernel 6.8 Released: New Features and Hardware Support https://securityboulevard.com/2024/03/linux-kernel-6-8-released-new-features-and-hardware-support/ https://securityboulevard.com/2024/03/linux-kernel-6-8-released-new-features-and-hardware-support/#respond Mon, 25 Mar 2024 09:00:46 +0000 https://tuxcare.com/?p=16766 Linus Torvalds recently announced the release of Linux kernel 6.8, the latest stable version of the Linux kernel. This update brings a plethora of new features and improvements, making it a significant upgrade for many users.   Key Highlights of Linux Kernel 6.8   Virtualization Enhancements: Kernel 6.8 introduces LAM (Linear Address Masking) virtualization on […]

The post Linux Kernel 6.8 Released: New Features and Hardware Support appeared first on TuxCare.

The post Linux Kernel 6.8 Released: New Features and Hardware Support appeared first on Security Boulevard.

]]> https://securityboulevard.com/2024/03/linux-kernel-6-8-released-new-features-and-hardware-support/feed/ 0 2012839 Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys https://securityboulevard.com/2024/03/apple-m-gofetch-richixbw/ Fri, 22 Mar 2024 18:56:32 +0000 https://securityboulevard.com/?p=2012710 A green worm on a juicy red apple

GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads.

The post Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys appeared first on Security Boulevard.

]]> 2012710 Application Security for Dummies: The Only Way Forward https://securityboulevard.com/2024/03/application-security-for-dummies-the-only-way-forward/ Fri, 22 Mar 2024 13:00:44 +0000 https://securityboulevard.com/?p=2012079 AppSec, AI, API app Google application security AppSec

To improve application security, we must make security so stupid that anyone can do it, and that applies up and down the stack.

The post Application Security for Dummies: The Only Way Forward appeared first on Security Boulevard.

]]> 2012079 Workshop “How to write custom security tests” – Main Takeaways https://securityboulevard.com/2024/03/workshop-how-to-write-custom-security-tests-main-takeaways/ https://securityboulevard.com/2024/03/workshop-how-to-write-custom-security-tests-main-takeaways/#respond Fri, 22 Mar 2024 11:10:43 +0000 http://securityboulevard.com/?guid=fae7e464254319935a4dfe8d242ececa Discover the main takeaways from our latest workshop on how to write custom security tests for API security.

The post Workshop “How to write custom security tests” – Main Takeaways appeared first on Security Boulevard.

]]> https://securityboulevard.com/2024/03/workshop-how-to-write-custom-security-tests-main-takeaways/feed/ 0 2012723 Why security engineers need a new approach to identify business logic flaws https://securityboulevard.com/2024/03/why-security-engineers-need-a-new-approach-to-identify-business-logic-flaws/ https://securityboulevard.com/2024/03/why-security-engineers-need-a-new-approach-to-identify-business-logic-flaws/#respond Fri, 22 Mar 2024 09:06:39 +0000 http://securityboulevard.com/?guid=40bb467f1c65c5ff7927ced42d4a20a5 Learn why security engineers need a new approach to identify business logic flaws.

The post Why security engineers need a new approach to identify business logic flaws appeared first on Security Boulevard.

]]> https://securityboulevard.com/2024/03/why-security-engineers-need-a-new-approach-to-identify-business-logic-flaws/feed/ 0 2012725 Sentry, GitHub Use AI to Help Fix Coding Errors https://securityboulevard.com/2024/03/sentry-github-use-ai-to-help-fixing-coding-errors/ Thu, 21 Mar 2024 15:43:14 +0000 https://securityboulevard.com/?p=2012606 AI code fixing

Developers are getting more help detecting and addressing bugs in their code through new AI-based tools that Sentry.io and GitHub each introduced this week. Sentry unveiled the beta of Autofix, a feature that uses company’s machine learning and AI capabilities and is aimed at debugging errors in production by leveraging what the vendor knows about..

The post Sentry, GitHub Use AI to Help Fix Coding Errors appeared first on Security Boulevard.

]]> 2012606