Displaying items by tag: CVE

GUEST RESEARCH: White-hat researchers, including Claroty’s Team82, have made relatively quick work of finding vulnerabilities in the software, firmware, and communication protocols governing devices that keep shop floors running, the lights on, the water clean, and fuel pumped from refineries to homes around the world.

Zscaler, the leader in cloud security, today announced the release of Exposed, the industry's first global report on the state of corporate attack surfaces. Based on data sourced between February 2020 and April 2021, the report provides a first-ever look at the impact of attack surface exposure during the COVID-19 pandemic. In the report, Zscaler notes that as businesses began offering more remote work options, their attack surfaces grew concurrently with their dispersed workforce.

Company News: Radware has reported a series of new zero-day exploits in Microsoft Exchange Servers discovered late last year has evolved into a global hacking spree now impacting hundreds of thousands of organisations worldwide.

Security vendor Sophos is now a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA).

A security researcher says a fix for a new vulnerability in Intel processors is likely to require changes to the core operating system and would probably need "a ton of work to mitigate (mostly app recompile)".

Despite its recent claims to be focusing on security, the number of vulnerabilities in Microsoft products grew from 703 in 2015 to 729 in 2016, according to VulnDB statistics released by Risk Based Security, a company that sells analytics and user-friendly dashboards designed to identify security risks by industry.

The US 60 Minutes program engaged a German company to ‘hack’ an iPhone. The result has been nearly a million media articles to date sensationally reporting the ‘hack’ and more than a little public hysteria, especially in the US.