vulnerability
Researcher releases PoC code for critical Atlassian Crowd RCE flaw
A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution …
CVSS 3.1: Refined and updated for easier adoption by the security community
The Forum of Incident Response and Security Teams (FIRST) has published an update of its internationally recognized Common Vulnerability Scoring System (CVSS). CVSS is a …
Small and mid-sized organizations remain especially vulnerable to persistent compromises
Despite sophisticated prevention security tools, small to mid-sized organizations continue to be especially vulnerable to long lasting breaches due to their inability to …
Citrix plugs critical Citrix SD-WAN flaws, patch ASAP!
Researchers have found critical vulnerabilities in Citrix SD-WAN, one of the most widely used SD-WAN solutions out there, and are urging administrators to patch them as soon …
Vulnerable GE anesthesia machines can be manipulated by attackers
A vulnerability affecting several anesthesia and respiratory devices manufactured by General Electric (GE) Healthcare could allow attackers to manipulate the devices’ …
July 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days
For July 2019 Patch Tuesday, Microsoft has pushed out patches for 78 CVE-numbered vulnerabilities (15 of them critical) and Adobe for three, but none of them in its most …
Most SMB devices run Windows versions that are expired or will expire by January 2020
There is a steady increase in attacks and changes in attack methods that target weaknesses in encryption, workload configuration, limited visibility into vulnerabilities and …
Experts weigh in on salient issues around emerging threats and security tech
RSA Conference unveiled expert insights into salient issues around emerging threats and security technologies. Based on industry observations and interactions with partners …
Medtronic recalls vulnerable MiniMed insulin pumps
Medtronic, the world’s largest medical device company, has issued a recall of some of its insulin pumps because they can be tampered with by attackers. About the …
Cisco plugs critical security holes in Data Center Network Manager
Cisco has plugged four security holes in its Data Center Network Manager, two of which critical (have a 9.8 CVSS score). About Cisco Data Center Network Manager Cisco Data …
Why poor visibility is hampering cybersecurity
Enterprises are challenged with security basics, according to Panaseer’s first Security Leader’s Peer Report. Data from an external survey of 200 enterprise …
Dell fixes high-risk vulnerability in pre-installed SupportAssist software
Dell pushed out fixes for a high-risk vulnerability in its pre-installed SupportAssist software and urges users who don’t have auto updating enabled to upgrade the …