SolarWinds breach severity perception increasing over time
(ISC)² has published the results of an online survey of 303 cybersecurity professionals from around the globe in which respondents compared their perception of the severity of …
March 2021 Patch Tuesday forecast: Off to an early start
Microsoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates this week to address four zero-day vulnerabilities in Exchange Server. …
Security starts with architecture
The battle against hackers and threats is an arms race against highly motivated opponents, and with the number of attacks and threats continually growing, it’s …
57% of vulnerabilities in 2020 were classified as critical or high severity
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, …
Apple fixes three actively exploited iOS zero-days
Apple has release a new batch of security updates and has fixed three iOS zero-days that “may have been actively exploited” by attackers. The three zero-days Two …
Cisco re-patches wormable Jabber RCE flaw
In September 2020, Cisco patched four Jabber vulnerabilities (including one wormable RCE flaw), but as it turns out, three of four have not been sufficiently mitigated. The …
December 2020 Patch Tuesday forecast: Always consider the risk
The final Patch Tuesday of the year is upon us and what a year it has been. Forcing many changes this year, the pandemic has impacted the way we conduct both security and IT …
The effectiveness of vulnerability disclosure and exploit development
New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible …
Critical flaw gives attackers control of vulnerable SAP business applications
SAP has issued patches to fix a critical vulnerability (CVE-2020-6287) that can lead to total compromise of vulnerable SAP installations by a remote, unauthenticated attacker. …
July 2020 Patch Tuesday forecast: Will the CVE trend continue?
Microsoft has averaged roughly 90 common vulnerabilities and exposures (CVE) fixes per month over the past five months. With everyone working from home and apparently focused …
June 2020 Patch Tuesday: Microsoft fixes record monthly number of CVEs
On this June 2020 Patch Tuesday, Microsoft has plugged 11 critical and 118 high-severity security holes, while Adobe has delivered security updates for Flash, Framemaker and …
Have you patched these top 10 routinely exploited vulnerabilities?
The US Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to patch a slew of old and new software vulnerabilities that are routinely exploited by …
