vulnerability
Subdomain takeover attacks on the rise and harder to monitor
A research from Detectify found that subdomain takeovers are on the rise but are also getting harder to monitor as domains now seem to have more vulnerabilities in them. In …
Three steps to secure an organization during mergers and acquisitions
Since 2000, there have been over 790,000 merger and acquisition (M&A) transactions announced globally, consisting of a value over 57 trillion dollars. While these …
Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)
Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be …
The massive impact of vulnerabilities in critical infrastructure
In this interview with Help Net Security, Michael Johnson, Board of Directors at Safe Security, talks about the importance of critical infrastructure security, why attacks on …
The importance of building in security during software development
Checkmarx released the UK findings of its report which found that 45% of organizations have suffered at least two security breaches as a direct result of a vulnerable …
Organizations taking nearly two months to remediate critical risk vulnerabilities
Edgescan announces the findings of a report which offers a comprehensive view of the state of vulnerability management globally. This year’s report takes a more granular …
Widely used UPS devices can be hijacked and destroyed remotely
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …
Easily exploitable Linux bug gives root access to attackers (CVE-2022-0847)
An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking …
Security leaders want legal action for failing to patch for Log4j
The recently identified vulnerability in the Log4j Java logging package has created headaches for security professionals around the world. 61% of organizations responding to …
How much do different generations trust their mobile devices’ security?
McAfee unveiled two survey reports which reveal the level of disconnect that exists between generations over how safe mobile devices are and how vulnerable consumers are to …
How Log4Shell remediation interfered with organizations’ cybersecurity readiness
(ISC)² published the results of an online poll examining the Log4j vulnerability and the human impact of the efforts to remediate it. Cybersecurity professionals from around …
Ransomware wreaked havoc last year, manufacturing was most targeted
IBM Security released its annual X-Force Threat Intelligence Index unveiling how ransomware and vulnerability exploitations together were able to “imprison” businesses in 2021 …