vulnerability

How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …

Vulnerability in Qmail mail transport agent allows RCE
Qualys researchers have found a way to exploit a previously known (and very old) vulnerability in Qmail, a secure mail transport agent, to achieve both remote code execution …

With the threat landscape continuously changing, businesses must be ready for anything
Despite efforts by organizations to layer up their cyber defenses, the threat landscape is changing, attackers are innovating and automating their attacks, NTT reveals. The …

Businesses vulnerable to emerging risks have a gap in their insurance coverage
The majority of business decision makers are insured against traditional cyber risks, such as breaches of personal information, but most were vulnerable to emerging risks, …

Fear the PrintDemon? Upgrade Windows to patch easily exploited flaw
Among the vulnerabilities patched by Microsoft on May 2020 Patch Tuesday is CVE-2020-1048, a “lowly” privilege escalation vulnerability in the Windows Print …

Eye-opening statistics about open source security, license compliance, and code quality risk
99% of commercial codebases contain at least one open source component, with open source comprising 70% of the code overall, according to Synopsys. Open source components and …

Have you patched these top 10 routinely exploited vulnerabilities?
The US Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to patch a slew of old and new software vulnerabilities that are routinely exploited by …

May 2020 Patch Tuesday: Microsoft fixes 111 flaws, Adobe 36
For the May 2020 Patch Tuesday, Microsoft has fixed 111 CVE-numbered flaws and Adobe 36, but none are under active attack. Microsoft’s updates For the third time in the …

vBulletin fixes critical vulnerability, patch immediately!
If you’re using vBulletin to power your online forum(s), you should implement the newest security patches offered by the developers as soon as possible. The patches fix …

Have you updated SaltStack Salt? Attacks are underway!
Have you updated your SaltStack Salt “masters” and made them inaccessible over the internet – or at least restricted access to them? Even though F-Secure …

GitHub Code Scanning aims to prevent vulnerabilities in open source software
GitHub has made available two new security features for open and private repositories: code scanning (as a GitHub-native experience) and secret scanning (both still in beta). …

Software vulnerabilities sometimes first announced on social media
Software vulnerabilities are more likely to be discussed on social media before they’re revealed on a government reporting site, a practice that could pose a national …