lemmydev2

New PCI DSS Rules Raise the Bar, Make App Security a MandatePCI DSS 4.0.1 raises the stakes for retailers and e-commerce providers, turning app security best practices into hard requirements. With sophisticated threats on the rise, businesses must adopt integrated solutions to protect digital experiences end-to-end.

Alphabet Inc.’s YouTube will soon begin using artificial intelligence to determine whether viewers in the US are under the age of 18, following increased pressure on the biggest tech companies to strengthen online safety for children.

Recent activity targeting telecom infrastructure is assessed with high confidence to overlap with Liminal Panda activity. The actors used custom tools, tunneling and OPSEC tactics for stealth. The post The Covert Operator's Playbook: Infiltration of Global Telecom Networks appeared first on Unit 42.

The telecom giant, one of the largest in the world with customers in Europe and Africa, said customers are experiencing ongoing disruption to its services due to an unspecified hack.

We have reached a stage where ransomware isn’t simply a cybercrime issue: it is now clearly a business disruptor, a threat to societal trust, and increasingly, a national security crisis. As James Babbage, Director General (Threats) at the UK’s National Crime Agency (NCA), recently noted, ransomware is “a national security threat in its own right, both here and throughout the world.” Alarmingly, despite years of targeted operations, global strategy papers, and industry guidance, ransomware groups … More → The post Ransomware will thrive until we change our strategy appeared first on Help Net Security.

Rising SaaS security threats are being overlooked, new research shows

"This step is necessary to prove I'm not a bot," wrote the bot as it passed an anti-AI screening step.

Plus, 60% don't have enough analysts to make sense of it Too many threats, too much data, and too few skilled security analysts are making companies more vulnerable to cyberattacks, according to the IT and security leaders tasked with protecting these organizations from digital threats.…

Despite knowing the risks, most organizations are still shipping insecure software. That’s one of the stark findings from Cypress Data Defense’s 2025 State of Application Security report, which reveals a worsening crisis in software security. According to the report, 62% of organizations knowingly deploy vulnerable code to meet delivery deadlines. As cyber threats intensify, security teams are struggling with burnout, resource shortages, and a widening disconnect between where budgets go and where the real risks … More → The post Inside the application security crisis no one wants to talk about appeared first on Help Net Security.

The video game’s photo mode is being used to outsmart age verification systems on popular platforms like Discord and Reddit in the UK.

The more than one million messages obtained by 404 Media are as recent as last week, discuss incredibly sensitive topics, and make it trivial to unmask some anonymous Tea users.

The Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app's members. [...]