Security Boulevard

Explore self-sovereign identity (SSI) in authentication systems, its benefits, technical components, and practical applications for enterprise SSO and CIAM solutions.

The post Defining Self-Sovereign Identity in Authentication Systems appeared first on Security Boulevard.

Explore different authentication provider types (social, passwordless, MFA) and learn best practices for choosing the right one to enhance security and user experience in your applications.

The post Authentication Provider Types: A Guide to Best Practices appeared first on Security Boulevard.

What do the Secure-by-Design and "Secure-by-Default" badges really mean?

The post “Secure-by-Design” and “Secure-by-Default” Badges from SecureIQLab — and Why They Matter in WAAP appeared first on SecureIQ Lab.

The post “Secure-by-Design” and “Secure-by-Default” Badges from SecureIQLab — and Why They Matter in WAAP appeared first on Security Boulevard.

The post Inside the Ingram Micro Ransomware Attack: Lessons in Zero Trust appeared first on Votiro.

The post Inside the Ingram Micro Ransomware Attack: Lessons in Zero Trust appeared first on Security Boulevard.

How Do Non-Human Identities Transform Cybersecurity Management? Where organizations increasingly pivot towards digital infrastructure, the management of Non-Human Identities (NHI) becomes paramount. These machine identities, comprising encrypted secrets like passwords, tokens, or keys, lay the foundation for secure cloud environments. But how are they reshaping cybersecurity management across various industries? The Growing Significance of NHI […]

The post Enhanced Support Systems for Effective NHI Management appeared first on Entro.

The post Enhanced Support Systems for Effective NHI Management appeared first on Security Boulevard.

How Do We Keep Non-Human Identities Safe from Unauthorized Access? Understanding Non-Human Identities (NHIs) is crucial. With the rise of cloud computing, the management of machine identities has become a central element of a robust security strategy. But how can organizations ensure these NHIs are protected from unauthorized access while maintaining operational efficiency? Reducing Security […]

The post Keeping NHIs Safe from Unauthorized Access appeared first on Entro.

The post Keeping NHIs Safe from Unauthorized Access appeared first on Security Boulevard.

The Crucial Role of Non-Human Identity Security in Today’s Cloud Environments Why are organizations increasingly focusing on the security of Non-Human Identities (NHIs) within their cybersecurity strategies? Where industries like financial services, healthcare, and travel become deeply integrated with digital technologies, managing NHIs is critical for safeguarding sensitive data and assets. This discussion highlights how […]

The post Stay Reassured with Consistent NHI Security Updates appeared first on Entro.

The post Stay Reassured with Consistent NHI Security Updates appeared first on Security Boulevard.

AI agents are reshaping online retail. Discover why bot management is essential infrastructure to control agentic commerce and drive growth.

The post From Bots to Buyers: With Agentic AI, Bot Management Becomes Core Infrastructure appeared first on Security Boulevard.

AttackIQ has released a new attack graph that emulates the behaviors exhibited by SideWinder, a threat actor with a long history of cyber espionage dating back to 2012. The group has primarily targeted government, military, and maritime sectors across South Asia and nearby regions through sophisticated spear-phishing campaigns, exploitation of Microsoft Office vulnerabilities, and the deployment of StealerBot, a memory-resident backdoor.

The post Emulating the Espionage-Oriented Group SideWinder appeared first on AttackIQ.

The post Emulating the Espionage-Oriented Group SideWinder appeared first on Security Boulevard.

“72% of organizations use AI in business functions — but only 13% feel ready to secure it.” That gap, between adoption and preparedness, explains why traditional AppSec approaches aren’t enough.  Modern AI systems aren’t just software systems that run code; they’re probabilistic, contextual, and capable of emergent behavior. In a traditional app, a query to […]

The post Why AI Red Teaming is different from traditional security appeared first on Security Boulevard.

SESSION
Session 2D: Android Security 1

Authors, Creators & Presenters: Mathias Oberhuber (Graz University of Technology), Martin Unterguggenberger (Graz University of Technology), Lukas Maar (Graz University of Technology), Andreas Kogler (Graz University of Technology), Stefan Mangard (Graz University of Technology)

PAPER
Power-Related Side-Channel Attacks using the Android Sensor Framework

Software-based power side-channel attacks are a significant security threat to modern computer systems, enabling adversaries to extract confidential information. Existing attacks typically exploit direct power signals from dedicated interfaces, as demonstrated in the PLATYPUS attack, or power-dependent timing variations, as in the case of the Hertzbleed attack. As access to direct power signals is meanwhile restricted on more and more platforms, an important question is whether other exploitable power-related signals exist beyond timing proxies. In this paper, we show that Android mobile devices expose numerous power-related signals that allow power side-channel attacks. We systematically analyze unprivileged sensors provided by the Android sensor framework on multiple devices and show that these sensors expose parasitic influences of the power consumption. Our results include new insights into Android sensor leakage, particularly a novel leakage primitive: the rotation dependent power leakage of the geomagnetic rotation vector sensor. We extensively evaluate the exposed sensors for different information leakage types. We compare them with the corresponding ground truth, achieving correlations greater than 0.9 for some of our tested sensors. In extreme cases, we observe not only statistical results but also, e.g., changes in a compass app's needle by approximately 30° due to CPU stress. Additionally, we evaluate the capabilities of our identified leakage primitives in two case studies: As a remote attacker via the Google Chrome web browser and as a local attacker running inside an installed app. In particular, we present an end-to-end pixel-stealing attack on different Android devices that effectively circumvents the browser's cross-origin isolation with a leakage rate of 5 - 10 s per pixel. Lastly, we demonstrate a proof-of-concept AES attack, leaking individual key bytes using our newly discovered leakage primitive.

ABOUT NDSS The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the organization’s’ YouTube channel.

Permalink

The post NDSS 2025 – Power-Related Side-Channel Attacks Using The Android Sensor Framework appeared first on Security Boulevard.

Security leaders are under increasing pressure to prove that their defenses actually work. Board members and stakeholders want to see measurable progress, yet most metrics available to CISOs today don’t quite fit that need. 

The post Metrics Every CISO Needs for Threat-Led Defense Success appeared first on Security Boulevard.

As organizations rush to deploy AI, enterprise defenses are struggling to keep up. This blog explores the emerging AI exposure gap — the widening divide between innovation and protection — and what security leaders can do to close it.

Key takeaways:

1. The AI exposure gap is widening as most organizations adopt AI faster than they can secure it, creating a gap between innovation and security.
    
2. Many organizations are aligning with frameworks like the EU AI Act and NIST AI RMF and adopting best practices, but few are translating those efforts into real protection — with only a small share encrypting AI data, testing AI systems, or enforcing identity controls.
    
3. Tenable’s latest Insight Brief, AI Adoption Outpaces Security: The AI Exposure Gap, explains how proactive defense and continuous visibility can help organizations secure AI pipelines and reduce exposure.

AI isn’t just reshaping how organizations innovate, it is rewriting the rules of risk.

As businesses rush to adopt AI tools and integrate them into operations, the pace of innovation has outstripped the pace of protection. The result? A growing AI exposure gap that’s leaving critical systems and data vulnerable.

AI’s rapid integration into everyday business tools like productivity apps, browsers, and cloud services creates invisible pathways for attack. As AI becomes embedded into enterprise ecosystems, these same connection points between systems, models, and data expand the attack surface, exposing new risks beyond the models themselves.

This blog takes a closer look at findings from Tenable’s new Insight Brief, AI Adoption Outpaces Security: The AI Exposure Gap, which builds on The State of Cloud and AI Security 2025 report, developed in collaboration with the Cloud Security Alliance (CSA). While the report mapped the broad landscape of cloud and AI security, this brief dives deeper into one urgent theme: the widening divide between AI innovation and enterprise readiness — and what security leaders can do about it.

Nearly nine in ten organizations (89%) have adopted AI in some form. More than half (55%) of organizations are running AI in production, and another 34% are in pilot phases. Yet, one in three (34%) have already suffered an AI-related breach.

Two of the three top causes of these breaches — exploited vulnerabilities (21%) and insider threats (18%) — are hardly unique to AI, a reminder of the importance of proactive exposure management and cybersecurity best practices.

Top Causes of AI Workload Breaches: Exploited Vulnerabilities and Security Flaws

Source: State of Cloud and AI Security 2025, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance.

 

Each new AI model, dataset, and integration expands the attack surface, particularly across hybrid and multi-cloud environments where visibility is fragmented and risk assessments lag behind adoption. 

The lesson: AI exposure is now a measurable enterprise risk — amplified by weak identity controls and limited visibility across hybrid and multi-cloud environments.

Compliance ≠ security

Organizations are making meaningful progress by aligning with frameworks like the EU AI Act and NIST AI RMF. While 51% follow these frameworks, only 22% encrypt AI data and 26% conduct AI-specific security testing, such as red-teaming.

The result: Organizations may check the box on compliance while leaving critical data and AI pipelines vulnerable. Compliance and security often overlap, but they serve different goals.

Source: State of Cloud and AI Security 2025, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance.

Other steps organizations are taking, beyond compliance, include adopting industry best practices, conducting regular audits of AI model integration protections, and implementing AI-specific identity and access controls, all of which play a role in reducing risk.

How to close the AI exposure gap

To bridge the gap between AI innovation and security, organizations should:

• Treat AI as a dynamic attack surface and continuously monitor for anomalous activity.
• Strengthen foundational controls like encryption, access management, and model integrity validation.
• Integrate AI exposures into unified, proactive risk management strategies across cloud and hybrid environments.

Security teams need unified visibility to manage this new layer of risk effectively, moving beyond compliance checklists to real-world resilience.

How Tenable can help

Tenable provides unified exposure management that brings together cloud, identity and AI risk insights into a single view. Tenable AI Exposure, available in the Tenable One Exposure Management Platform, gives you visibility into how your teams use AI platforms and where that usage could put your data, users, and defenses at risk. Together with Tenable AI Aware, which uncovers AI tools across your environment, Tenable now provides one of the first end-to-end solutions to both discover and secure AI platform usage as part of your exposure management program.

Learn more

• Download The State of Cloud and AI Security 2025
• View the Insight Brief: AI Adoption Outpaces Security: The AI Exposure Gap

The post How Rapid AI Adoption Is Creating an Exposure Gap appeared first on Security Boulevard.

If you’ve been in the security universe for the last few decades, you’ve heard of the OWASP Top Ten. It’s a list of 10 security problems that we move around every year and never really solve. Oh sure, there are a few things we’ve made less bad, but fundamentally the list shows how our use […]

The post Supply Chain Security made the OWASP Top Ten, this changes nothing appeared first on Anchore.

The post Supply Chain Security made the OWASP Top Ten, this changes nothing appeared first on Security Boulevard.

The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch (May 24, 2004)

From the vantage point of today, it’s surreal reading about the commercial cryptography business in the 1970s. Nobody knew anything. The manufacturers didn’t know whether the cryptography they sold was any good. The customers didn’t know whether the crypto they bought was any good. Everyone pretended to know, thought they knew, or knew better than to even try to know.

The Business of Secrets is the self-published memoirs of Fred Kinch. He was founder and vice president of—mostly sales—at a US cryptographic hardware company called Datotek, from company’s founding in 1969 until 1982. It’s mostly a disjointed collection of stories about the difficulties of selling to governments worldwide, along with descriptions of the highs and (mostly) lows of foreign airlines, foreign hotels, and foreign travel in general. But it’s also about encryption...

The post Book Review: The Business of Secrets appeared first on Security Boulevard.

Every teacher runs their classroom a little differently. Some thrive on structure, others on flexibility, and most land somewhere in between. These differences form what educators call classroom management styles. Understanding what your style is as a dedicated teacher can make every lesson feel smoother, calmer, and more effective for both you and your students. ...

The post Understanding Classroom Management Styles and How To Find the Right One for Your Students appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post Understanding Classroom Management Styles and How To Find the Right One for Your Students appeared first on Security Boulevard.

Over the past few years, API security has gone from a relatively niche concern to a headline issue. A slew of high-profile breaches and compliance mandates like PCI DSS 4.0 have woken security teams up to the reality that APIs are the front door to their data, infrastructure, and revenue streams. OWASP recently published its [...]

The post OWASP Top 10 Business Logic Abuse: What You Need to Know appeared first on Wallarm.

The post OWASP Top 10 Business Logic Abuse: What You Need to Know appeared first on Security Boulevard.

Since its original release in 2009, checksec has become widely used in the software security community, proving useful in CTF challenges, security posturing, and general binary analysis. The tool inspects executables to determine which exploit mitigations (e.g., ASLR, DEP, stack canaries, etc.) are enabled, rapidly gauging a program’s defensive hardening. This success inspired numerous spinoffs: a contemporary Go implementation, Trail of Bits’ Winchecksec for PE binaries, and various scripts targeting Apple’s Mach-O binary format. However, this created an unwieldy ecosystem where security professionals must juggle multiple tools, each with different interfaces, dependencies, and feature sets.

During my summer internship at Trail of Bits, I built Checksec Anywhere to consolidate this fragmented ecosystem into a consistent and accessible platform. Checksec Anywhere brings ELF, PE, and Mach-O analysis directly to your browser. It runs completely locally: no accounts, no uploads, no downloads. It is fast (analyzes thousands of binaries in seconds) and private, and lets you share results with a simple URL.

Using Checksec Anywhere

To use Checksec Anywhere, just drag and drop a file or folder directly into the browser. Results are instantly displayed with color-coded messages reflecting finding severity. All processing happens locally in your browser; at no point is data sent to Trail of Bits or anyone else.

Figure 1: Uploading 746 files from /usr/bin to Checksec Anywhere

Key features of Checksec Anywhere Multi-format analysis

Checksec Anywhere performs comprehensive binary analysis across ELF, PE, and Mach-O formats from a single interface, providing analysis tailored to each platform’s unique security mechanisms. This includes traditional checks like stack canaries and PIE for ELF binaries, GS cookies and Control Flow Guard for PE files, and ARC and code signing for Mach-O executables. For users familiar with the traditional checksec family of tools, Checksec Anywhere reports maintain consistency with prior reporting nomenclature.

Privacy-first

Unlike many browser-accessible tools that simply provide a web interface to server-side processing, Checksec Anywhere ensures that your binaries never leave your machine by performing all analysis directly in the browser. Report generation also happens locally, and shareable links do not reveal binary content.

Performance by design

From browser upload to complete security report, Checksec Anywhere is designed to rapidly process multiple files. Since Checksec Anywhere runs locally, the exact performance depends on your machine… but it’s fast. On a modern MacBook Pro it can analyze thousands of files in mere seconds.

Enhanced accessibility

Checksec Anywhere eliminates installation barriers by offering an entirely browser-based interface and features designed to provide accessibility:

• Shareable results: Generate static URLs for any report view, enabling secure collaboration without exposing binaries.

• SARIF export: Generate reports in SARIF format for integration with CI/CD pipelines and other security tools. These reports are also generated entirely on your local machine.

• Simple batch processing: Drag and drop entire directories for simple bulk analysis.

• Tabbed interface: Manage multiple analyses simultaneously with an intuitive UI.

  Figure 2: Tabbed interface for managing multiple analyses

Technical architecture

Checksec Anywhere leverages modern web technologies to deliver native-tool performance in the browser:

• Rust core: Checksec Anywhere is built on the checksec.rs foundation, using well-established crates like Goblin for binary parsing and iced_x86 for disassembly.
• WebAssembly bridge: The Rust code is compiled to Wasm using wasm-pack, exposing low-level functionality through a clean JavaScript API.
• Extensible design: Per-format processing architecture allows easy addition of new binary types and security checks.
• Advanced analysis: Checksec Anywhere performs disassembly to enable deeper introspection (like to detect stack protection in PE binaries).

See the open-source codebase to dig further into its architecture.

Future work

With an established infrastructure for cross-platform binary analysis and reporting, we can easily add new features and extensions. If you have pull requests, we’d love to review and merge them.

Additional formats

A current major blind spot is lack of support for mobile binary formats like Android APK and iOS IPA. Adding analysis for these formats would address the expanding mobile threat landscape. Similarly, specialized handling of firmware binaries and bootloaders would extend coverage to critical system-level components in mobile and embedded devices.

Additional security properties

Checksec Anywhere is designed to add new checks as researchers discover new attack methods. For example, recent research has uncovered multiple mechanisms by which compiler optimizations violate constant-time execution guarantees, prompting significant discussion within the compiler community (see this LLVM discourse thread, for example). As these issues are addressed, constant-time security checks can be integrated into Checksec Anywhere, providing immediate feedback on whether a given binary is resistant to timing attacks.

Try it out

Checksec Anywhere eliminates the overhead of managing format-specific security analysis tools while providing immediate access to comprehensive binary security reports. No installation, no dependencies, no compromises on privacy or performance. Visit checksec-anywhere.com and try it now!

I’d like to extend a special thank you to my mentors William Woodruff and Bradley Swain for their guidance and support throughout my summer here at Trail of Bits!

The post Building checksec without boundaries with Checksec Anywhere appeared first on Security Boulevard.

Fractional CISO services are essential for growing B2B companies to win enterprise customers and grow with confidence. In this article we look at what is fractional CISO, how it works and associated costs.

The post What is a Fractional CISO and How Can It Help European B2B Companies? appeared first on Security Boulevard.

With AI phishing attacks rising 1,760% and achieving a 60% success rate, learn how attackers use AI, deepfakes and automation — and discover proven, multi-layered defense strategies to protect your organization in 2025.

The post How AI-Generated Content is Fueling Next-Gen Phishing and BEC Attacks: Detection and Defense Strategies  appeared first on Security Boulevard.