vulnerability
Large vendor ecosystems and low visibility increase third-party cyber risk
80% of organizations experienced a cybersecurity breach that originated from vulnerabilities in their vendor ecosystem in the past 12 months, and the average organization had …
Only 44% of healthcare providers conform to protocols outlined by the NIST CSF
Only 44% of healthcare providers, including hospital and health systems, conformed to protocols outlined by the NIST CSF – with scores in some cases trending backwards …
CISA orders federal agencies to implement Zerologon fix by Monday
If you had any doubts about the criticality of the Zerologon vulnerability (CVE-2020-1472) affecting Windows Server, here is a confirmation: the US Cybersecurity and …
What’s causing uncertainty about election security?
Confidence levels in securing the election are low, and declining, according to an ISACA survey of more than 3,000 IT governance, risk, security and audit professionals in the …
Mobile messengers expose billions of users to privacy attacks
Popular mobile messengers expose personal data via discovery services that allow users to find contacts based on phone numbers from their address book, according to …
What are the most vulnerable departments and sectors to phishing attacks?
While cyber attackers chase down system vulnerabilities and valuable data each passing day, the business world has taken the measures against them. The latest trends and …
Are your domain controllers safe from Zerologon attacks?
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability …
Vulnerabilities discovered in PAN-OS, which powers Palo Alto Networks’ firewalls
Palo Alto Networks remediated vulnerabilities in PAN-OS (operating systems version 8.1 or later). Attackers can use these vulnerabilities to gain access to sensitive data or …
Recommendations to enhance subscriber privacy in 5G
There are clear benefits of 5G SIM capabilities to protect the most prominent personal data involved in mobile communications, according to the Trusted Connectivity Alliance. …
Cisco patches critical, wormable RCE flaw in Cisco Jabber
Cisco has patched four vulnerabilities in its Jabber client for Windows, the most critical of which (CVE-2020-3495) could allow attackers to achieve remote code execution by …
Most security leaders feel their programs are mature, but data reveals otherwise
84% of security and IT leaders feel their enterprise programs are mature, but a deeper dive reveals a major disconnect between perception and reality, Vulcan Cyber reveals. …
Vulnerability reporting is returning to normal
Vulnerability reporting, still impacted by COVID-19, is beginning to return to normal, Risk Based Security reveals. Out of 11,121 vulnerabilities aggregated during the first …