Please turn on your JavaScript for this page to function normally.

vulnerability management

Cybersecurity analysis exposes high-risk assets in power and healthcare sectors

Traditional approaches to vulnerability management result in a narrow focus of the enterprise attack surface area that overlooks a considerable amount of risk, according to …

Critical vulnerabilities take 4.5 months on average to remediate

Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed …

CISA starts CVE “vulnrichment” program

The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created …

Regulators are coming for IoT device security

Cybersecurity is a relatively new challenge for many IoT device makers who have traditionally produced non-connected devices. These devices were less vulnerable to …

Why cloud vulnerabilities need CVEs

When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk …

Patch Tuesday
Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)

On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked …

Ivanti vows to transform its security operating model, reveals new vulnerabilities

Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), some of which could also …

NVD: NIST is working on longer-term solutions

The recent conspicuous faltering of the National Vulnerability Database (NVD) is “based on a variety of factors, including an increase in software and, therefore, …

NIST’s NVD has encountered a problem

Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and …

How new and old security threats keep persisting

Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate. Security …

Preparing for the NIS2 Directive

The EU’s NIS Directive (Directive on security of network and information systems) was established to create a higher level of cybersecurity and resilience within …

CVE count set to rise by 25% in 2024

The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …

Don't miss

Cybersecurity news