CISA launches US federal vulnerability disclosure platform
Bug hunters who want to help the US federal government secure their online assets can now source all the relevant information from a vulnerability disclosure policy (VDP) …
vulnerability disclosure
5G network slicing vulnerability leaves enterprises exposed to cyberattacks
AdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions. The fundamental …
2020 vulnerability disclosures on track to exceed those from 2019
2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. The team …
2020 to reach vulnerability disclosure levels similar to those in 2019
The number of vulnerability disclosures is back on track to reach or bypass 2019 as we head into 2021, according to Risk Based Security. The team aggregated 17,129 …
D-Link routers vulnerable to remotely exploitable root command injection flaw
The Digital Defense Vulnerability Research Team uncovered a previously undisclosed vulnerability affecting D-Link VPN routers. D-Link DSR-150, DSR-250, DSR-500 and DSR-1000AC …
Open source vulnerabilities go undetected for over four years
For its annual State of the Octoverse report, GitHub has analyzed over 45,000 active code directories to provide insight into open source security (vulnerabilities) and …
The effectiveness of vulnerability disclosure and exploit development
New research into what happens after a new software vulnerability is discovered provides an unprecedented window into the outcomes and effectiveness of responsible …
Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …
Vulnerability reporting is returning to normal
Vulnerability reporting, still impacted by COVID-19, is beginning to return to normal, Risk Based Security reveals. Out of 11,121 vulnerabilities aggregated during the first …
Most ICS vulnerabilities disclosed this year can be exploited remotely
More than 70% of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, highlighting the importance of protecting internet-facing ICS devices and …
2019 was a record year for OSS vulnerabilities
Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures (CVEs) in 2018 to 968 last year, according to a RiskSense report. Top 10 …
Despite lower number of vulnerability disclosures, security teams have their work cut out for them
The number of vulnerabilities disclosed in Q1 2020 has decreased by 19.8% compared to Q1 2019, making this likely the only true dip observed within the last 10 years, Risk …
