vulnerability management

57% of vulnerabilities in 2020 were classified as critical or high severity
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, …

Vulnerability management isn’t working for cloud security: Here’s how to do it right
Three things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches. But there is no reason why public cloud or hybrid cloud breaches must …

Transitioning from vulnerability management to vulnerability remediation
Like many people, I’m glad 2020 is almost over. I am, however, excited about 2021. Here are three trends I believe will impact how well (or not) companies will be able to …

Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack
Forescout researchers have discovered 33 vulnerabilities affecting four open source TCP/IP (communications) stacks used in millions of connected devices worldwide. …

Companies rely on crowdsourced security to boost security efforts
61% of organizations perform attack surface discovery to offset frequently changing assets in their attack surface and attack surface expansion, yet 40% of companies perform …

November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw
On this November 2020 Patch Tuesday: Microsoft has plugged 112 security holes, including an actively exploited one Adobe has delivered security updates for Adobe Reader Mobile …

FTC orders Zoom to enhance security practices
Zoom Video Communications, the maker of the popular Zoom video conferencing solution, has agreed to settle allegations made by the US Federal Trade Commission (FTC) that it …

How important are vulnerability management investments for a cybersecurity posture?
Vulnerability management (VM) technology addresses the threat landscape, which is in a constant state of flux. The wider dispersal of endpoints across private and public cloud …

Critical infrastructure and industrial orgs can test Azure Defender for IoT for free
Azure Defender for IoT – Microsoft’s new security solution for discovering unmanaged IoT/OT assets and IoT/OT vulnerabilities – is now in public preview and …

Review: Practical Vulnerability Management: A Strategic Approach to Managing Cyber Risk
Andrew Magnusson started his information security career 20 years ago and he decided to offer the knowledge he accumulated through this book, to help the reader eliminate …

What are the most hack-resistant industries?
Government and financial service sectors globally are the most hack-resistant industries in 2020, according to Synack. Government and financial services scored 15 percent and …

September 2020 Patch Tuesday: Microsoft fixes over 110 CVEs again
On this September 2020 Patch Tuesday: Microsoft has plugged 129 security holes, including a critical RCE flaw that could be triggered by sending a specially crafted email to …