Home Tags Vulnerability Management

Tag: Vulnerability Management

Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.

Criminals Monetizing Attacks Against Unpatched WordPress Sites

Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit.

Google Upspin Secure File-Sharing Released to Open Source

New file-sharing protocols and interfaces called Upspin have been released to open source.Built by Google, Upspin returns access control and data security to the...

Intermediate CA Caching Could Be Used to Fingerprint Firefox Users

The way Firefox caches intermediate CA certificates could allow for the fingerprinting of users and the leakage of browsing details, a researcher warns.

Data Stealing Malware TeamSpy Resurfaces in Spam Campaign

After a nearly four-year respite, the data-stealing TeamSpy malware has resurfaced in a spam campaign.

OpenSSL Update Fixes High-Severity DoS Vulnerability

US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e.

Google Discloses Unpatched Microsoft Vulnerability

Google Project Zero researchers are warning of an unpatched Microsoft vulnerability in the Windows' GDI library that allows attackers to steal sensitive data from...

Rook Security on Online Extortion

Mat Gangwer, CTO, and Tom Gorup, Security Operations Lead, at Rook Security talk to Mike Mimoso about the aggressive rise in online extortion and...

Windows Botnet Spreading Mirai Variant

A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said....

Squirrels, Not Hackers, Pose Biggest Threat to Electric Grid

According to Marcus Sachs, CSO with the North American Electric Reliability Corporation, doomsday fears of a cyberattack against the U.S. electric grid are overblown.

SMTP Strict Transport Security Coming Soon to Gmail, Other Webmail Providers

SMTP Strict Transport Security is coming to major webmail providers this year, a Google engineer said at RSA Conference

Divide Between Work, Personal Data on Android Breached

Researchers demonstrate how malicious apps can break into secure Android work containers on EMM managed phones.

Cris Thomas on Cyberwar Rhetoric

Cris Thomas of Tenable Networks, aka Space Rogue of the L0pht, talks to Mike Mimoso during RSA Conference about the rhetoric and hype surrounding...