Vulnerability reporting is returning to normal
Vulnerability reporting, still impacted by COVID-19, is beginning to return to normal, Risk Based Security reveals. Out of 11,121 vulnerabilities aggregated during the first …
Most ICS vulnerabilities disclosed this year can be exploited remotely
More than 70% of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, highlighting the importance of protecting internet-facing ICS devices and …
2019 was a record year for OSS vulnerabilities
Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures (CVEs) in 2018 to 968 last year, according to a RiskSense report. Top 10 …
Despite lower number of vulnerability disclosures, security teams have their work cut out for them
The number of vulnerabilities disclosed in Q1 2020 has decreased by 19.8% compared to Q1 2019, making this likely the only true dip observed within the last 10 years, Risk …
How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
2020 cybersecurity risks: Insecure security tools, supply chains, abandonware
Considerable time and money are invested into looking for dangerous vulnerabilities in the most commonly used elements of IT infrastructure. Popular operating systems, …
For timely vulnerability information, unofficial sources are a better bet
From over 12,500 disclosed Common Vulnerabilities and Exposures (CVEs), more than 75% were publicly reported online before they were published to the NIST’s centralized …
MITRE offers temporary solution to the CVE assignment problem
MITRE’s short-term solution to the problem of slow CVE assignment is to set up an experimental system for issuing federated CVE IDs using a new format. “(…) …
Infosec pros point at problem with CVE system, offer alternative
For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). Researchers who …