Application Security

iOS 17.1.2, macOS Sonoma 14.1.2 and Safari 17.1.2 updates resolve the vulnerabilities.

Ethical hackers at AppOmni claimed a $5,000 bug bounty for discovering the Zoom Rooms vulnerability, disclosed at a conference last summer.

The guidelines from the U.S. and UK's cybersecurity agencies are endorsed by 18 countries and emphasize “secure-by-design” principles.

This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need for an appsec team? Or has it turned into specializations for areas like cloud security and bug bount...

Weak randomness in old JavaScript crypto, lack of encryption in purported end-to-end encryption, a platform engineering maturity model, PyPI's first security audit, vision for a Rust specification, and more!

Study around Black Friday and Cyber Monday finds that too many web sites still lack basic security, putting PII at risk as online shoppers are set to surge.

All roads in the FNF case lead to a ransomware incident, but there’s still no confirmation which group executed the attack or if a ransom was paid.

Researchers finally detail Netflix screencast bug that opened smart TVs to a video hijacking attacks.

Firmware security is complex and continues to be an industry challenge. In this podcast we'll talk about the reasons firmware security remains a challenge and some best practices around platform security. Segment Resources: https://www.helpnetsecurity.com/2020/04/27/firmware-blind-spots/ https://www.helpnetsecurity.com/2020/09/28/hardware-securi...