vulnerability
How the pandemic has accelerated existing risk trends
COVID-19 has reorganized the risk landscape for chief audit executives (CAEs), as CAEs have listed IT governance as the top risk for 2021, according to Gartner. Analysts said …
Drupal-based sites open to attack via double extension files (CVE-2020-13671)
Admins of sites running on Drupal are urged to plug a critical security hole (CVE-2020-13671) that may be exploited by attackers to take over vulnerable sites. They have also …
Companies rely on crowdsourced security to boost security efforts
61% of organizations perform attack surface discovery to offset frequently changing assets in their attack surface and attack surface expansion, yet 40% of companies perform …
VMware patches serious vulnerabilities in ESXi hypervisor, SD-WAN Orchestrator
VMware has patched critical vulnerabilities affecting its ESXi enterprise-class hypervisor and has released a security update for its SD-WAN Orchestrator, plugging a handful …
Cisco Webex vulnerabilities may enable attackers to covertly join meetings
Cisco has fixed three bugs in its Cisco Webex video conferencing offering that may allow attackers to: Join Webex meetings without appearing in the participant list …
The effectiveness of vulnerability disclosure and exploit development
New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible …
Manufacturing industry overwhelmed by innovative threat actors
TrapX Security and Enterprise Strategy Group (ESG) have released findings of a research that surveyed 150 cyber and IT professionals directly involved in security strategy, …
CISOs say a distributed workforce has critically increased security concerns
73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals. The report also uncovered …
Critical vulnerabilities in Cisco Security Manager fixed, researcher discloses PoCs
Cisco has patched two vulnerabilities in its Cisco Security Manager solution, both of which could allow unauthenticated, remote attackers to gain access to sensitive …
Healthcare organizations are sitting ducks for attacks and breaches
Seventy-three percent of health system, hospital and physician organizations report their infrastructures are unprepared to respond to attacks. The survey results estimated …
Stop thinking of cybersecurity as a problem: Think of it as a game
COVID-19 changed the rules of the game virtually overnight. The news has covered the broader impacts of the pandemic, particularly the hit to our healthcare, the drops in our …
New side-channel attacks allow access to sensitive data on Intel CPUs
An international team of security researchers is presenting new side-channel attacks (CVE-2020-8694 and CVE-2020-8695), which use fluctuations in software power consumption to …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?