Articles Tagged with ''vulnerability assessment''

A security researcher published a blog outlining the details of common misconfigurations in Salesforce that can result in guest users, or hackers leveraging guest user access, gaining access to sensitive data in Salesforce.

Microsoft recently warned that more cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.  Threat actor TA505, a financially motivated threat group that has been active since at least 2014, is now exploiting this vulnerability. 

The Cybersecurity and Information Security Agency (CISA) has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework.

The Cybersecurity and Infrastructure Security Agency (CISA) released the Guide to Vulnerability Reporting for America’s Election Administrators. The guide walks election officials through the steps of establishing a vulnerability disclosure program.

When we do a risk assessment, we evaluate the facility’s needs and identify any gaps in their physical security barriers and policies and procedures. Why should you integrate security early in the design process?

The Linux Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH), announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software.`

Google has announced that its Project Zero disclosure guidelines are changing for 2020. 

There were 16,738 newly-disclosed vulnerabilities during the first three quarters of 2019. 

A focus on the basic elementary principles of cybersecurity can go a long way in protecting your company from most attacks. Penetration testers are the frontline witnesses on cyber threats. They continue to see the same weaknesses and vulnerabilities within the enterprises they examine. Below, is a list of recommendations for you to be aware of in the year ahead.

With the barrage of information coming into a system, separating the noise from the genuine threats can be a difficult process. This is where AI can come in, to help you separate the real risks to your business from normal network noise.