The most common exploit paths enterprises leave open for attackers
Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server …
patching
Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)
On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and …
Windows Autopatch: Managed enterprise patching for Windows and Office
While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims make the second …
Log4Shell exploitation: Which applications may be targeted next?
Spring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from …
Organizations taking nearly two months to remediate critical risk vulnerabilities
Edgescan announces the findings of a report which offers a comprehensive view of the state of vulnerability management globally. This year’s report takes a more granular …
The most common cyber gaps threatening supply chain security
Panorays has identified the top five most common cyber gaps among third-party organizations over 2021. Analyzing data gathered from cyber posture evaluations of tens of …
Exposed records exceeded 40 billion in 2021
According to a research by Tenable, at least 40,417,167,937 records were exposed worldwide in 2021, calculated by the analysis of 1,825 breach data incidents publicly …
Patching takes 2.5 times longer when endpoints are remote
Action1 released a report based on the feedback from 491 IT professionals worldwide. The study explores how organizations patch and manage their remote and office-based …
Vulnerabilities associated with ransomware increased 4.5% in Q3 2021
Ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021, a report by Ivanti, Cyber Security Works and …
Software development: Why security and constant vigilance are everyone’s responsibilities
An report from May 2021 has found that 81% of developers admit to knowingly releasing vulnerable apps, and 76% experienced pressure to sacrifice mobile security for …
Patch management complexity increased by remote work is putting organizations at risk
71% of IT and security professionals found patching to be overly complex, cumbersome, and time consuming, an Ivanti survey reveals. In fact, 57% of respondents stated that …
The complexities of vulnerability remediation and proactive patching
In this interview with Help Net Security, Eran Livne, Director, Product Management, Endpoint Remediation at Qualys, discusses vulnerability remediation complexity, the …