Please turn on your JavaScript for this page to function normally.

vulnerability disclosure

Securities and Exchange Commission
A closer look at the SEC Cybersecurity Disclosure rule

In this Help Net Security video, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv, discusses the proposed new SEC Cybersecurity Disclosure rule. The …

Zyxel
Critical flaw in Zyxel firewalls grants access to corporate networks (CVE-2022-30525)

A critical vulnerability (CVE-2022-30525) affecting several models of Zyxel firewalls has been publicly revealed, along with a Metasploit module that exploits it. Discovered …

CVE
How to avoid headaches when publishing a CVE

You have discovered a vulnerability. Congratulations! So, what happens next? Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process which starts …

snake, threat
Strengthening the ability of public companies to combat cybersecurity threats

The National Association of Corporate Directors (NACD), SecurityScorecard and the Cyber Threat Alliance released a report that examines the U.S. Securities and Exchange …

lock
The state of coordinated vulnerability disclosure policies in EU

The European Union Agency for Cybersecurity (ENISA) publishes a map of national coordinated vulnerability disclosure (CVD) policies in the EU Member States and makes …

industry
ICS vulnerability disclosures surge 110% over the last four years

Industrial control system (ICS) vulnerability disclosures grew a staggering 110% over the last four years, with a 25% increase in the second half (2H) of 2021 compared to the …

hole
28,695 vulnerabilities were disclosed in 2021 – the highest number on record

A total of 28,695 vulnerabilities were disclosed in 2021, according to a report from Risk Based Security. That total is the highest number on record, and it puts the amount of …

Log4j
The Log4j debacle showed again that public disclosure of 0-days only helps attackers

On December 9, 2021, a (now deleted) tweet linking to a 0-day proof of concept (PoC) exploit (also now deleted) for the Log4Shell vulnerability on GitHub set the internet on …

CISA
CISA launches US federal vulnerability disclosure platform

Bug hunters who want to help the US federal government secure their online assets can now source all the relevant information from a vulnerability disclosure policy (VDP) …

5G
5G network slicing vulnerability leaves enterprises exposed to cyberattacks

AdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions. The fundamental …

Hand
2020 vulnerability disclosures on track to exceed those from 2019

2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. The team …

shark
2020 to reach vulnerability disclosure levels similar to those in 2019

The number of vulnerability disclosures is back on track to reach or bypass 2019 as we head into 2021, according to Risk Based Security. The team aggregated 17,129 …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools