Vulnerabilities | News, how-tos, features, reviews, and videos
Introduced in 2021, the US government’s vulnerability disclosure policy platform has racked up 12,000 bug reports and saved the government millions in remediation costs.
The malware has added exploits for more web applications and devices to its arsenal and some of them seem to be inherited from an older botnet called Mozi.
Critical flaw affects URWB access points used in outdoor and industrial environments.
Kaspersky Labs claims to have blocked over 11k info-stealing attempts that used the BYOVD technique.
Most organizations are still immature when it comes to identifying open-source dependencies that can usher in a host of problems when dealing with vulnerabilities.
Okta’s AD/LDAP authentication flaw allows an attacker to login without a password.
Microsoft SharePoint makes it simpler for enterprises to help employees discover documents on their internal network — but a recently exploited vulnerability is making easier for attackers to get inside the corporate network too.
Admins need to block access to external Windows file shares and NTLM traffic.
Operational technology threats aren’t just for industrial CISOs anymore, as enterprises from nearly every vertical increasingly connect OT devices to their IT networks.
Almost all 22,000 vulnerable CyberPanel devices identified on LeakIX were encrypted by PSAUX within hours.