With multi-million-dollar ransoms and threats to public safety, the stakes are high. Security leaders can no longer afford to leave vulnerabilities unaddressed for five months or five years.
The Federal Trade Commission (FTC) has issued a warning that it will pursue any company that fails to protect its customers’ data against ongoing Log4j attacks.
Microsoft warns the security community that the Log4j vulnerabilities still represent a complex and high risk for companies across the globe, as this open-source component is widely used across many suppliers' software and services.
Blumira's research team has discovered an alternative attack vector for the Log4j vulnerability that relies on a basic JavaScript WebSocket connection to trigger the RCE locally via drive-by compromise.
Salt Security released new API threat research from Salt Labs that highlights a GraphQL API authorization vulnerability in a B2B financial technology (FinTech) platform.
The Biden administration issued a broad new order, Binding Operational Directive 22-01 (Reducing the Significant Risk of Known Exploited Vulnerabilities), requiring nearly all federal agencies to patch hundreds of cybersecurity flaws considered major vulnerabilities for damaging intrusions into government computer systems.