vulnerability
57% of vulnerabilities in 2020 were classified as critical or high severity
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, …
Cybersecurity risks connected to AI in autonomous vehicles
By removing the most common cause of traffic accidents – the human driver – autonomous vehicles are expected to reduce traffic accidents and fatalities. However, they may pose …
The cybersecurity issues of seismic monitoring devices
Seismic monitoring devices linked to the internet are vulnerable to cyberattacks that could disrupt data collection and processing, say researchers who have probed the devices …
Accellion to retire enterprise file-sharing product targeted in recent attacks
U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by …
mHealth apps consistently expose PII and PHI through APIs
All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health …
2020 vulnerability disclosures on track to exceed those from 2019
2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. The team …
Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack
Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak …
When it comes to vulnerability triage, ditch CVSS and prioritize exploitability
When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …
Number of ICS vulnerabilities disclosed in 2020 up significantly
Throughout the second half (2H) of 2020, 71% of industrial control system (ICS) vulnerabilities disclosed were remotely exploitable through network attack vectors, according …
Runtime data no longer has to be vulnerable data
Today, the security model utilized by nearly all organizations is so weak that the mere act of creating new data comes with the immutable assumption that such data will become …
NIST provides guidance to protect controlled unclassified information
Nations around the world are adding cyberwarfare to their arsenal, employing highly skilled teams to launch attacks against other countries. These adversaries are also called …
SolarWinds Orion exploited by another group of state-sponsored hackers
Another group of state-sponsored hackers has exploited the ubiquity of SolarWinds software to target US government agencies, Reuters reported on Tuesday. State-sponsored …
Featured news
Resources
Don't miss
- Security tooling pitfalls for small teams: Cost, complexity, and low ROI
- BloodHound 8.0 debuts with major upgrades in attack path management
- Back to basics webinar: The ecosystem of CIS Security best practices
- SonicWall firewalls targeted in ransomware attacks, possibly via zero-day
- AIBOMs are the new SBOMs: The missing link in AI risk management