Home Tags Vulnerability Management

Tag: Vulnerability Management

Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.

Synaptics said reports that hundreds of HP laptops contained a secret keylogger that traced back to debugger software made by the company are inaccurate.
A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network. 
New research shows how an old vulnerability called ROBOT can be exploited using an adaptive chosen-ciphertext attack to reveal the plaintext for a given TLS session.
Microsoft patched 34 vulnerabilities in all on Tuesday with most of the bugs impacting Microsoft Edge, Microsoft Office and Microsoft’s Scripting Engine.
On December 12, 2017, a research paper with the title Return of Bleichenbacher's Oracle Threat was made publicly available.

This paper describes how some Transport Layer Security (TLS) stacks are vulnerable to variations of the classic Bleichenbac...
A ransomware campaign targeting the Balkans comes with a 96-hour deadline and includes a link to a video that assures victims payments can be made easily.
Researchers are warning of a default-configuration vulnerability in the enterprise-class keyless entry products made by AMAG Technology.
HP released an update that fixes debugger code that could allow an attacker to use a Synaptics Touchpad driver as a keylogger.
An Android vulnerability called Janus allows attackers to inject malicious code into signed Android apps.
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.
Using a free tool called Spinner, researchers identified certificate pinning vulnerabilities in mobile banking apps that left customers vulnerable to man-in-the-middle attacks.
As part of its December Android and Pixel/Nexus security updates, Google has issued patches addressing a bevy of flaws, 11 of which are rated critical.