vulnerability assessment

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment
OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP …

NIST proposes new metric to gauge exploited vulnerabilities
NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and …

Critical vulnerabilities persist in high-risk sectors
Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest …

NIST is chipping away at NVD backlog
The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but …

Nuclei: Open-source vulnerability scanner
Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform …

OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those …

NIST says NVD will be back on track by September 2024
The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and …

CISA starts CVE “vulnrichment” program
The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created …

5 free vulnerability scanners you should check out
Vulnerability scanners delve into systems to uncover security gaps. The primary mission? To fortify organizations against breaches and shield sensitive data from exposure. …

Enterprises persist with outdated authentication strategies
Despite authentication being a cornerstone of cybersecurity, risk mitigation strategies remain outdated, according to new research from Enzoic. With the attack surface …

A closer look at the new TSA oil and gas pipeline regulations
The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against …

SCARF cipher sets new standards in protecting sensitive data
A group of international researchers has achieved a breakthrough in computer security by developing a new and efficient cipher for cache randomization. The cipher, designed by …
Featured news
Resources
Don't miss
- Windows 10: How to get security updates for free until 2026
- XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
- Why the SOC needs its “Moneyball” moment
- From posture to prioritization: The shift toward unified runtime platforms
- Why should companies or organizations convert to FIDO security keys?