vulnerability management
How new and old security threats keep persisting
Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate. Security …
Preparing for the NIS2 Directive
The EU’s NIS Directive (Directive on security of network and information systems) was established to create a higher level of cybersecurity and resilience within …
CVE count set to rise by 25% in 2024
The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …
Does CVSS 4.0 solve the exploitability problem?
The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is …
The effect of omission bias on vulnerability management
Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has …
Creating a formula for effective vulnerability prioritization
In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik …
Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support
With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this …
Organizations rethink cybersecurity investments to meet NIS Directive requirements
Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% …
Mainframes are around to stay, it’s time to protect them
While many organizations run their core business applications on the mainframe, IT leaders lack confidence in the effectiveness of their mainframe security compliance, …
Vulnerability management metrics: How to measure success
Without the right metrics, vulnerability management is pretty pointless. If you’re not measuring, how do you know it’s working? So how do you know what to focus on? The list …
Scaling rapidly? Your application security strategies need to keep up
Modern application security strategies must support and enable modern software development, even as it rapidly scales, according to Mend.io. Just 52% of companies can …
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)
UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …
Featured news
Sponsored
Don't miss
- Outsmarting cybercriminal innovation with strategies for enterprise resilience
- Lynis: Open-source security auditing tool
- Fujitsu finds malware on company systems, investigates possible data breach
- Nissan breach exposed data of 100,000 individuals
- 43 million workers potentially affected in France Travail data breach