Please turn on your JavaScript for this page to function normally.
patching
Enhancing security through proactive patch management

Despite its importance, patching can be challenging for organizations due to factors such as the sheer volume of patches released by software vendors, compatibility issues …

CVE
CVE count set to rise by 25% in 2024

The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …

software
Unlocking sustainable security practices with secure coding education

Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code, according to Security …

vulnerability
The effect of omission bias on vulnerability management

Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has …

patch tuesday
November 2023 Patch Tuesday forecast: Year 21 begins

The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed …

Kubernetes
Organizations lack the skills and headcount to manage Kubernetes

The Kubernetes industry is undergoing rapid change and evolution due to the growth of edge computing, the acceleration of AI, and the pressing need to modernize Kubernetes …

patch
Why legacy system patching can’t wait

The persistent neglect of patching legacy systems is plaguing critical infrastructure and industries. The consequences of such neglect can be damaging to organizations, …

Curl
Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older …

Curl
Be prepared to patch high-severity vulnerability in curl and libcurl

UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability and CVE-2023-38546, a cookie injection …

danger
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …

BYOD
Baseline standards for BYOD access requirements

49% of enterprises across Europe currently have no formal Bring-Your-Own-Device (BYOD) policy in place, meaning they have no visibility into or control over if and how …

vulnerabilities
Old vulnerabilities are still a big problem

A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote …

Don't miss

Cybersecurity news