vulnerability
Mapping ATT&CK techniques to CVEs should make risk assessment easier
Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
Financial services need to prioritize API security to protect their customers
Noname Security and Alissa Knight, Partner at Knight Ink and recovering hacker, announced a research which unveils a number of vulnerabilities in the banking, cryptocurrency …
API attacks are both underdetected and underreported
Akamai released a research into the evolving threat landscape for application programming interfaces (APIs), which according to Gartner will be the most frequent online attack …
Organizations making security trade-offs in the push to innovate
The vast majority of organizations are increasing their investment in application security this year, but they continue to struggle to fully embrace secure innovation. A …
Increased risk tolerances are making digital transformation programs vulnerable
Digital transformation programs could be vulnerable to cyber attacks due to increased risk tolerances and ongoing cybersecurity challenges, according to a global research of …
Siloed security data hamper the ability to achieve collective defense
Cyware revealed a research detailing the challenges affecting modern security operations teams and the negative business impact of siloed security operations. According to the …
Organizations losing business due to connected product security concerns
59% of executives with cybersecurity decision-making responsibility at large and mid-sized companies say that their organizations have lost business due to product security …
Storage systems vulnerabilities: Act now to avoid disasters
Continuity issued a research report which provided an analysis of the vulnerabilities and misconfigurations of enterprise storage systems. The findings revealed that storage …
Worldwide supply chains vulnerable as businesses lack visibility into suppliers
BlueVoyant released the findings of its second annual global survey into third-party cyber risk management. The study reveals that 97% of firms surveyed have been negatively …
Apache OpenOffice users should upgrade to newest security release!
The Apache Software Foundation (ASF) has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed …
AWS ransomware attacks: Not a question of if, but when
Ermetic announced the results of a study about the security posture of AWS environments and their vulnerability to ransomware attacks. In virtually all of the participating …
Featured news
Resources
Don't miss
- Cyber valuations climb as capital concentrates, AI security expands
- Microsoft adds domain libraries and Copilot integration to the quantum development kit
- Airline brands become launchpads for phishing, crypto fraud
- Self-spreading npm malware targets developers in new supply chain attack
- Microsoft extends security patching for three Windows products at a price