Big,Data.,Business,And,Digital,Technologies.,Data,Flow,In,A

Articles by Topic:

Vulnerability Management (VM)

Volt Typhoon Chinese advanced persistent threat
How Volt Typhoon Infiltrated a Small US Power Grid
March 25, 2025
The threat group Volt Typhoon (also known as VOLTZITE) has been known to be active since 2021, representing an advanced persistent threat (APT) primarily to organizations in the United States. Alleged to be a Chinese…
Read More >
Broadcom VMware vulnerability
Exploited Zero-Day Vulnerabilities in VMware Products
March 17, 2025
Global tech leader Broadcom published a critical security advisory on March 4th, 2025, regarding three new zero-day vulnerabilities in VMware ESXi, Workstation, Fusion, and other products. With varying levels of severity, the vulnerabilities can enable…
Read More >
Salt Typhoon
Salt Typhoon Exploits Seven-Year-Old Flaw to Breach Major U.S. Telecoms
March 13, 2025
In late 2024, it was confirmed that a cyber espionage campaign perpetrated by a highly sophisticated Chinese-based threat actor infiltrated at least eight major telecommunications companies. The attacks gained access to Call Detail Records used…
Read More >
rsync vulnerabilities
Critical rsync Vulnerabilities Exposed: Over 660,000 Systems at Risk
February 12, 2025
On January 14, Google Cloud and other independent security researchers announced the discovery of six vulnerabilities in rsync, a widely used file synchronization tool. The most severe, CVE-2024-12084, is a buffer overflow flaw in the…
Read More >
VSPC Veeam vulnerabilities
Critical Flaws in Veeam Service Provider Console Demand Urgent Action
January 17, 2025
Veeam, a provider of data replication and protection software, released critical security patches to fix severe vulnerabilities affecting its Service Provider Console (VSPC). One of the vulnerabilities is rated as critical (9.9/10 on the CVSS…
Read More >
CISA CWE Top 25 vulnerabilities
Breaking Down the 2024 CWE Top 25: Addressing the Most Dangerous Software Weaknesses
January 10, 2025
A new year is a time for reflection. Looking at what happened in the prior year and setting goals for the future year. This applies to all activities, including software weaknesses. The Cybersecurity and Infrastructure…
Read More >
CVE-2014-2120 Cisco ASA vulnerability
Cisco ASA Vulnerability Resurfaces as Active Threat
January 07, 2025
A security vulnerability from ten years ago has recently been exploited in the wild again: CVE-2014-2120, first recognized in March 2014, is a vulnerability in Cisco Adaptive Security Appliance’s (ASA) WebVPN login page. In November…
Read More >
needrestart Ubuntu Linux
Decade-Old Vulnerabilities in Ubuntu's 'needrestart' Utility Exposed
December 29, 2024
“How did I not see that?” is the refrain when something new is discovered after the fifth watching of a movie. Software security vulnerability researchers also have those moments. For over a decade, five critical…
Read More >
security debt application security financial
Mounting Security Debt Is Putting Financial Services at Risk
November 22, 2024
Many financial institutions have a debt problem. Not a monetarily but a software security one. Veracode’s State of Software Security 2024 study reports that over three out of four (76%) financial organizations have security debt,…
Read More >
Mandiant exploitation time cybersecurity
Cybercriminals Shave Exploitation Times to Record Lows: Can Organizations Keep Pace?
November 06, 2024
The amount of time it takes for a vulnerability to be exploited after discovery, or time-to-exploit (TTE), is on the decline as cybercriminals are always honing their techniques and adapting their attacks for optimal efficiency…
Read More >
Featured Image For Cyber Teams Say They Can’t Keep Up With Attack Volumes.
Cyber Teams Say They Can’t Keep Up with Attack Volumes
October 01, 2024
Cybersecurity teams are struggling to keep up with the increasing volume of cyberattacks, according to a new report. Many teams feel overwhelmed by the sheer number of threats, which continue to grow in complexity and…
Read More >
Featured Image For Ahead Of Mandatory Rules, CISA Unveils New Cyber Incident Reporting Portal.
Ahead of Mandatory Rules, CISA Unveils New Cyber Incident Reporting Portal
August 29, 2024
Take a look at CISA's launch of a new cyber incident reporting portal ahead of mandatory rules for organizations. The portal aims to streamline the process of reporting cyber incidents, helping CISA to more effectively…
Read More >
Ai Generated 8362816 1280
Chinese Hackers Exploited Bug to Compromise Internet Companies, Cybersecurity Firm Says
August 28, 2024
Chinese hackers exploited a vulnerability to compromise several internet companies, according to a cybersecurity firm's report. The attack leveraged a previously unknown bug to infiltrate systems and potentially access sensitive data, raising concerns about the…
Read More >
Technology 8813211 1280
Research Reveals Security Professionals Believe That Non-IT Leaders Don’t Understand Vulnerability Management
July 16, 2024
New research from Ivanti reveals a concerning gap in understanding between IT security professionals and non-IT leaders, with 55% of security experts believing that leadership doesn't grasp the importance of vulnerability management. This disconnect poses…
Read More >
Subscribe for the Latest News
Webinars
The $5M Blind Spot: What Happens When You Can’t Tell Good Bots from Bad
Register Now
Defining Cyber Resilience with Francis Odum
Register Now
The New Era of Cyber Resilience: Mastering Autonomous M365 Recovery and Rubrik Agent Cloud
Register Now