News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: CVE

Scanners for Cloud Native Security
June 12, 2022
| No comments
| PR News

The Cloud Native Vulnerability and Risk Scanner now offers new capabilities that enable users to seamlessly integrate and scale cloud native security into their software development lifecycle (SDLC). Aqua Security, the leading pure-play cloud native security provider, today announced several updates to Aqua Trivy, making it the world's first unified cloud native security scanner. By consolidating multiple scanning tools into a single tool, Aqua Trivy is now the most comprehensive vulnerability and misconfiguration scanner for cloud native applications and infrastructure. Trivy…

Read more

Sonicwall firewalls with critical vulnerabilities 
3 April 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Sonicwall uses a vulnerability list on its Security Advisory information page to point out security gaps in various firewalls. Attackers could inject code with manipulated packets or even paralyze the firewall. Vulnerabilities exist in some Sonicwall firewalls, allowing remote attackers to even inject malicious code. as a result, devices can also be paralyzed by a DoS attack. The manufacturer Sonicwall already provides information on the security gap and patches. Many firewalls affected by vulnerabilities Administrators should close the gaps quickly, since the problem with the CVE-2022-22274 with a score of 9.4 as a critical...

Read more

Vulnerability Intelligence module enables CVE prioritization
15. February 2022
| No comments
| PR News
Vulnerability Intelligence module enables CVE prioritization

SearchLight with new Vulnerability Intelligence module. Monitoring solution from threat intelligence provider Digital Shadows enables CVEs to be prioritized for faster triage and mitigation. Cyber ​​threat intelligence provider Digital Shadows has added a new vulnerability analysis capability to its SearchLightTM solution. The Vulnerability Intelligence module enables security teams to identify relevant CVEs (Common Vulnerabilities and Exposures) more quickly and effectively prevent exploits. SOCs: Identify Relevant CVEs Faster The module in SearchLight is based on nine years of intensive research and analysis by Digital Shadows' forensic threat intelligence team. The analysts continuously monitor criminal forums, collect…

Read more

Zero-day exploit in Desktop Window Manager
28 April 2021
| No comments
| Kaspersky, Short news
Kaspersky_news

In the course of analyzing the known exploit CVE-2021-1732 by the APT group BITTER, the Kaspersky experts discovered another zero-day exploit in the Desktop Window Manager. So far, this cannot be associated with a known threat actor. Any code execution by cyber criminals on the victim's computer would be possible. Zero-day vulnerabilities are previously unknown software bugs. Until they are discovered, attackers can use them unnoticed for harmful activities and cause serious damage. Exploit analysis reveals reinforcement When analyzing the CVE-2021-1732 exploit, the Kaspersky experts found another zero-day exploit and reported it in the ...

Read more

Sophos is the CVE Numbering Authority
29 January 2021
| No comments
| Short news
SophosNews

With Sophos, the CVE program has recognized a new authorized participant as a (Common Vulnerability and Exposure) Numbering Authority. Sophos has been recognized as a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) in the CVE program. The CVE is an international standard for identifying and naming cybersecurity vulnerabilities. With the inclusion, Sophos is entitled to issue internationally valid CVE IDs for security gaps in its products. The benefit is that security researchers can now work directly with Sophos to assign CVEs for the company's products. This facilitates the reporting processes as well as the assignment ...

Read more

Unsolved CVEs as exploit points of attack
28 October 2020
| No comments
| Short news
ivanti news

Ivanti assesses Patch Tuesday in October: Fewer resolved vulnerability problems and no further browser update from Microsoft promotes exploit development. Microsoft interrupted the series of 100 CVEs per month on Patch Tuesday in October, as only 87 CVEs were resolved this month. Six of them were announced publicly. Such a publication is like a kind of jumpstart for attackers in terms of research and development of exploits. To be on the safe side, special attention should therefore be paid to these CVEs. Open vulnerabilities invite exploit attackers The big news in October: Microsoft has the ...

Read more

Focus on major security vulnerabilities
27 October 2020
| No comments
| PR News
Network points, patch, vulnerabilities

Tenable Specialists: "Not all vulnerabilities are a threat - organizations should focus on the major vulnerabilities". The computer networks of organizations are constantly expanding: IT, cloud, IoT and OT form a complex computing landscape that represents the modern attack surface. This attack surface increases with every new device, connection or application. Add to this complexity a myriad of vulnerabilities that are discovered daily, and the challenges often seem insurmountable. However, the solution is relatively simple – security teams need visibility to understand the risks. More focus on acutely endangered vulnerabilities Independent…

Read more

Microsoft patch report
August 24, 2020
| No comments
| Short news
Tenable news

In August 2020, Microsoft again patched over 100 CVEs and repaired 120 CVEs, including 17 critical vulnerabilities. For the first time in three months, two vulnerabilities were reported that were exploited "in the wild". CVE-2020-1380 is a remote code execution vulnerability in Microsoft's scripting engine. It is caused by the way Internet Explorer's memory handles objects. To exploit this vulnerability, an attacker would have to induce a victim to visit a website with exploit code or to open a malicious document that contains an embedded ActiveX control. This would be the ...

Read more

© 2024 MedPressIT GbR
Cookie Settings