Zephyrnet Logo

Tag: Vulnerability Database

Linux Distros Hit by RCE Vulnerability in Shim Bootloader

Linux shim, a small piece of code that many major Linux distros use during the secure boot process, has a remote code execution vulnerability...

Top News

ASUS warns router customers: Patch now, or block all inbound requests

by Paul Ducklin ASUS is a well-known maker of popular electronics products, ranging from laptops and phones to home routers...

Vulnerability in WordPress Google Analytics Plugin Hits +3 Million Websites

The National Vulnerability Database announced that a popular Google Analytics WordPress plugin installed in over 3 million was discovered to contain a Stored Cross-Site...

Machine Learning Improves Prediction of Exploited Vulnerabilities

A public effort to create a way of predicting the exploitation of vulnerabilities announced a new machine learning model that improves its prediction capabilities...

Majority of Ransomware Attacks Last Year Exploited Old Bugs

Many vulnerabilities that ransomware operators used in 2022 attacks were years old and paved the way for the attackers to establish persistence and move...

Snyk Gets Nod of Approval With ServiceNow Strategic Investment

Developers, security professionals, and investors all find something to like about Snyk and its developer security platform, which helps organizations mitigate their risk of...

Adobe, Apple, Cisco, Microsoft Flaws Make Up Half of KEV Catalog

Back in November 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) published the Known Exploited Vulnerabilities (KEV) Catalog to help federal agencies and...

Google Launches Scanner to Uncover Open Source Vulnerabilities

Securing the software supply chain is an increasingly complex and time-consuming challenge for enterprises. To help developers find vulnerability data for open source components,...

How Naming Can Change the Game in Software Supply Chain Security

In many cases, once a high-risk security vulnerability has been identified in a product, a bigger challenge emerges: how to identify the affected component...

How Development Teams Should Respond to Text4Shell

A family moves into their dream home, only to be plagued by ominous letters, a strange tenant, and sinister threats. Sound familiar?It should. This...

WhiteSource Threat Report Reveals Massive Uptick In Cyberattacks Related To JavaScript npm

More than 1,300 malicious npm packages have been discovered for use in supply chain attacks, cryptojacking, data stealing, and more.

When Patching Security Flaws, Smarter Trumps Faster

Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.

The Evolution of Patch Management: How and When It Got So Complicated

In the wake of WannaCry and its ilk, the National Vulnerability Database arose to help security organizations track and prioritize vulnerabilities to patch. Part 1 of 3.

Latest Intelligence

spot_img
spot_img