Common Vulnerabilities and Exposures – Page 2

CISA or CVSS: How Today’s Vulnerability Databases Work Together

Posted on August 22, 2022 by Mark Stone

In the cybersecurity field, large databases of known threats and vulnerabilities have often been an essential resource. These catalogs show you where to focus your efforts. They’re also a good tool for prioritizing patches to increase security and mitigate the risk of disaster. As a result, these databases need to be reliable and up-to-date and […]

The post CISA or CVSS: How Today’s Vulnerability Databases Work Together appeared first on Security Intelligence.

Continue reading CISA or CVSS: How Today’s Vulnerability Databases Work Together→

X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021

Posted on May 5, 2022 by Austin Zeizel

From 2020 to 2021, there was a 33% increase in the number of reported incidents caused by vulnerability exploitation, according to the 2022 X-Force Threat Intelligence Index. A large percentage of these exploited vulnerabilities were newly discovered; in fact, four out of the top five vulnerabilities in 2021 were newer vulnerabilities. Vulnerability exploitation was the […]

The post X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021 appeared first on Security Intelligence.

Continue reading X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021→

X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021

Posted on May 5, 2022 by Austin Zeizel

The post X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021 appeared first on Security Intelligence.

Continue reading X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021→

IOCs vs. IOAs — How to Effectively Leverage Indicators

Posted on March 16, 2022 by Shawn Hedrick

Cybersecurity teams are consistently tasked to identify cybersecurity attacks, adversarial behavior, advanced persistent threats and the dreaded zero-day vulnerability. Through this endeavor, there is a common struggle for cybersecurity practitioners and operational teams to appropriately leverage indicators of compromise (IOCs) and indicators of attack (IOAs) for an effective monitoring, detection and response strategy. Inexperienced security […]

The post IOCs vs. IOAs — How to Effectively Leverage Indicators appeared first on Security Intelligence.

Continue reading IOCs vs. IOAs — How to Effectively Leverage Indicators→

IOCs vs. IOAs — How to Effectively Leverage Indicators

Posted on March 16, 2022 by Shawn Hedrick

The post IOCs vs. IOAs — How to Effectively Leverage Indicators appeared first on Security Intelligence.

Continue reading IOCs vs. IOAs — How to Effectively Leverage Indicators→

Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them

Posted on December 18, 2021 by Dereck Stubbs

You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT technology is yet to be fully uncovered. The vulnerability was first made public earlier this […]

The post Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them appeared first on Security Intelligence.

Continue reading Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them→

How Log4j Vulnerability Could Impact You

Posted on December 11, 2021 by Nick Rossmann

If you hadn’t heard of Apache Log4j, chances are it’s on your radar now. In fact, you may have been using it for years. Log4j is a logging library. Imagine writing your daily activities into a notebook. That notebook is Log4j. Developers and programmers use it to take notes about what’s happening on applications and […]

The post How Log4j Vulnerability Could Impact You appeared first on Security Intelligence.

Continue reading How Log4j Vulnerability Could Impact You→

Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform

Posted on November 16, 2021 by Mostafa Soliman

In an age where organizations have established a direct dependence on software to run critical business operations, it’s fundamental that they are evaluating their software development lifecycles and that of their extended environment — third-party partners — against the same standards. Concerns around vulnerability management are gaining more government attention around the world in order […]

The post Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform appeared first on Security Intelligence.

Continue reading Call to Patch: Zero Day Discovered in Enterprise Help Desk Platform→

How to Deal With Unpatched Software Vulnerabilities Right Now

Posted on November 5, 2021 by Jonathan Reed

According to the 2021 X-Force Threat Intelligence Index, scanning for and exploiting vulnerabilities was the top infection vector of 2020. Up to one in three data breaches stemmed from unpatched software vulnerabilities. Take a look at this list of vulnerabilities or design flaws with no official Microsoft fix. In any case, one in three might […]

The post How to Deal With Unpatched Software Vulnerabilities Right Now appeared first on Security Intelligence.

Continue reading How to Deal With Unpatched Software Vulnerabilities Right Now→

Combating the Continuous Development of Vulnerable Software

Posted on November 13, 2019 by Stephen Gates

Most people in our industry know what the acronym CVE means. For those that may not, CVE stands for Common Vulnerabilities and Exposures. According to their website, CVE was launched in 1999 as a list of common identifiers for publicly-known cybersecur… Continue reading Combating the Continuous Development of Vulnerable Software→