scanning Archives - Help Net Security

scanning

When it comes to vulnerability triage, ditch CVSS and prioritize exploitability

February 10, 2021

When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …

Vulnerability management isn’t working for cloud security: Here’s how to do it right

January 18, 2021

Three things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches. But there is no reason why public cloud or hybrid cloud breaches must …

Addressing the lack of knowledge around pen testing

January 12, 2021

The vast majority of attackers are opportunist criminals looking for easy targets to maximize their profits. If defenses are sufficiently fortified, finding a way through will …

Most companies have high-risk vulnerabilities on their network perimeter

October 29, 2020

Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including …

Theory and practice of web application security efforts in organizations worldwide

October 15, 2020

75% of executives believe their organization scans all web applications for security vulnerabilities, while nearly 50% of security staff say they don’t, a Netsparker …

GitHub envisions a world with fewer software vulnerabilities

October 13, 2020

After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …

Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0

October 5, 2020

Over a year has passed since Nmap had last been updated, but this weekend Gordon “Fyodor” Lyon announced Nmap 7.90. About Nmap Nmap is a widely used free and …

Google offers high-risk Chrome users additional scanning of risky files

September 18, 2020

Google is providing a new “risky files” scanning feature to Chrome users enrolled in its Advanced Protection Program (APP). About the Advanced Protection Program …

Study of global hackers and the economics of security research

June 25, 2020

Human ingenuity supported by actionable intelligence were found to be critical ingredients to maintaining a resilient infrastructure, Bugcrowd reveals. In fact, 78% of hackers …

UPnP vulnerability lets attackers steal data, scan internal networks

June 9, 2020

A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices – personal computers, printers, mobile …

Healthcare industry at greatest risk of data breach

February 26, 2020

The healthcare industry has significantly more exposed attack surfaces than any other industry surveyed, according to Censys’s research findings of cloud risks and cloud …

IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781

January 23, 2020

Citrix and FireEye have teamed up to provide sysadmins with an IoC scanner that shows whether a Citrix ADC, Gateway or SD-WAN WANOP appliance has been compromised via …

scanning

When it comes to vulnerability triage, ditch CVSS and prioritize exploitability

Vulnerability management isn’t working for cloud security: Here’s how to do it right

Addressing the lack of knowledge around pen testing

Most companies have high-risk vulnerabilities on their network perimeter

Theory and practice of web application security efforts in organizations worldwide

GitHub envisions a world with fewer software vulnerabilities

Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0

Google offers high-risk Chrome users additional scanning of risky files

Study of global hackers and the economics of security research

UPnP vulnerability lets attackers steal data, scan internal networks

Healthcare industry at greatest risk of data breach

IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781

Don't miss

Why enterprises need rugged devices with integrated endpoint management systems

Five factors driving investment in IDV

CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses

2021 will be the year of hybrid working: How can CTOs keep staff secure and productive?

Third-party risk management programs still largely a checkbox exercise