vulnerability
End-to-end encrypted communication mitigates enterprise security risk and ensures compliance
It is a mathematical certainty that data is more protected by communication products that provide end-to-end encryption (E2EE). Yet, many CISOs are required to prioritize …
Quantum computers: How to prepare for this great threat to information security
The race is on to build the world’s first reliable and truly useful quantum computer, and the finish line is closer than you might think – we might even reach it this …
Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)
A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code …
Google fixes two actively exploited Chrome zero-days (CVE-2020-16009, CVE-2020-16010)
For the third time in two weeks, Google has patched Chrome zero-day vulnerabilities that are being actively exploited in the wild: CVE-2020-16009 is present in the desktop …
Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …
Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)
A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle …
Most companies have high-risk vulnerabilities on their network perimeter
Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including …
How important are vulnerability management investments for a cybersecurity posture?
Vulnerability management (VM) technology addresses the threat landscape, which is in a constant state of flux. The wider dispersal of endpoints across private and public cloud …
Organizations struggle to obtain quality threat data to guide key security decisions
Organizations are often forced to make critical security decisions based on threat data that is not accurate, relevant and fresh, a Neustar report reveals. Just 60% of …
Exploring the prolific threats influencing the cyber landscape
Some of the world’s most skilled nation-state cyber adversaries and notorious ransomware gangs are deploying an arsenal of new open-sourced tools, actively exploiting …
Safari, other mobile browsers affected by address bar spoofing flaws
Security researcher Rafay Baloch has discovered address bar spoofing vulnerabilities in several mobile browsers, which could allow attackers to trick users into sharing …
25 vulnerabilities exploited by Chinese state-sponsored hackers
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?