vulnerability
The benefits of implementing continuous security in the development lifecycle
Wabbi published new research with IDG that finds companies utilizing continuous security have decreased vulnerabilities by 50%. The study focused on the integration of …
Attackers are exploiting recently patched RCE in Sophos Firewall (CVE-2022-1040)
A critical vulnerability (CVE-2022-1040) in Sophos Firewall is being exploited in the wild to target “a small set of specific organizations primarily in the South Asia …
The security gaps that can be exposed by cybersecurity asset management
Cybersecurity asset management does not come with the excitement following the metaverse, blockchain, or smokescreen detection technologies, but it is essential for the …
Subdomain takeover attacks on the rise and harder to monitor
A research from Detectify found that subdomain takeovers are on the rise but are also getting harder to monitor as domains now seem to have more vulnerabilities in them. In …
Three steps to secure an organization during mergers and acquisitions
Since 2000, there have been over 790,000 merger and acquisition (M&A) transactions announced globally, consisting of a value over 57 trillion dollars. While these …
Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)
Veeam Software has patched two critical vulnerabilities (CVE-2022-26500, CVE-2022-26501) affecting its popular Veeam Backup & Replication solution, which could be …
The massive impact of vulnerabilities in critical infrastructure
In this interview with Help Net Security, Michael Johnson, Board of Directors at Safe Security, talks about the importance of critical infrastructure security, why attacks on …
The importance of building in security during software development
Checkmarx released the UK findings of its report which found that 45% of organizations have suffered at least two security breaches as a direct result of a vulnerable …
Organizations taking nearly two months to remediate critical risk vulnerabilities
Edgescan announces the findings of a report which offers a comprehensive view of the state of vulnerability management globally. This year’s report takes a more granular …
Widely used UPS devices can be hijacked and destroyed remotely
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …
Easily exploitable Linux bug gives root access to attackers (CVE-2022-0847)
An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking …
Security leaders want legal action for failing to patch for Log4j
The recently identified vulnerability in the Log4j Java logging package has created headaches for security professionals around the world. 61% of organizations responding to …