NEWS & INDUSTRY UPDATES

Researchers find critical vulnerabilities that can be exploited to take full control of D-Link routers. Serious flaws also discovered in Linksys routers
Oracle’s October 2018 Critical Patch Update (CPU) includes 301 security fixes, bringing the total number of patches released this year to 1,119
VMware patches critical code execution vulnerability in the SVGA virtual graphics card used by its Workstation, ESXi and Fusion products
A vulnerability in the software update process of certain Medtronic Programmer models has led the company to block the functionality on some devices
A patch released by Microsoft for a serious vulnerability affecting its JET Database Engine is incomplete
Hundreds of millions of users may have been exposed to XSS attacks due to Branch.io flaws that impacted Tinder, Shopify, Yelp, Western Union, imgur, and many others
Hackers exploit the Drupal vulnerability known as Drupalgeddon2 to install a backdoor on compromised servers
Mozilla commissioned a security audit of the Firefox update system. No critical vulnerabilities were found and the high severity flaws were not easy to exploit
Juniper Networks patches many critical and high severity vulnerabilities in Junos OS, including one that may have been triggered during malicious network probing
SAP releases its October 2018 security patches, which include the first Hot News security note for SAP BusinessObjects in over five years

FEATURES, INSIGHTS // Vulnerabilities

Marc Solomon: Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Josh Lefkowitz: Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Torsten George: Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
Torsten George: Microservices and containers enable faster application delivery and improved IT efficiency. However, the adoption of these technologies has outpaced security.
Oliver Rochford: We can’t rely on our own governments to practice responsible full disclosure. Full Disclosure is compromised. We can’t really blame them. Either everyone discloses, or no-one does.
Ashley Arbuckle: By understanding and easing the cultural shift this entails, you can save time and money and sleep better at night with security occupying a seat at the DevOps table.
Travis Greene: As DevOps and agile development methodologies take greater root in the enterprise, the traditional tools and approaches for eliminating vulnerabilities in code will no longer be able to keep pace.
Dan Cornell: When planning a testing strategy for an application, it is important to evaluate the applicability and likely effectiveness of the various testing approach options.
David Holmes: Several tech vendors have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.
Lance Cottrell: Laws to support swift and automatic updates for all devices, and consequence to organizations that fail to ensure their IoT devices are secure, would be a big step forward for IoT security.