Penetration Testing

FEBRUARY 17, 2024

A recently disclosed vulnerability in Dell EMC Enterprise SONiC (CVE-2023-32484) could have profound consequences for your data center network security.

Penetration Testing 109

Penetration Testing Risk Network Security 109

Penetration Testing

JANUARY 24, 2024

Dubbed CVE-2023-49657, this stored cross-site scripting (XSS) vulnerability has... The post CVE-2023-49657: Apache Superset Hit by High-Risk Stored XSS Vulnerability appeared first on Penetration Testing.

Penetration Testing 100

Penetration Testing Risk Software 100

Penetration Testing

JANUARY 28, 2024

Identified as CVE-2023-6200, with a considerable CVSS score of 7.5, this flaw exposes a critical race condition within the handling of ICMPv6... The post Critical Alert: CVE-2023-6200 Exploits Linux Kernel with Code Execution Risk appeared first on Penetration Testing.

Penetration Testing 102

Penetration Testing Risk 102

Security Boulevard

JUNE 2, 2023

The post 5G and Cybersecurity Risks in 2023 appeared first on Security Boulevard. Four years later, the number of people with 5G-enabled devices is still small in most countries. It’s uncertain if the reason behind the sluggish adoption is affordability, the lack of.

Risk 116

Risk Cybersecurity Telecommunications IoT 116

Heimadal Security

DECEMBER 18, 2023

An effective security strategy, therefore, needs to put managing risk at the heart of its approach. That’s where IT risk assessments […] The post How to Complete an IT Risk Assessment (2023) appeared first on Heimdal Security Blog.

Risk 78

Risk Cybersecurity 78

CSO Magazine

MARCH 1, 2023

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. To read this article in full, please click here

Software 113

Software Risk 113

Security Boulevard

JULY 6, 2023

It’s been about six months since we released our top eight predictions for 2023, which covered everything from. Read More The post Has 2023 been the year of risk? The post Has 2023 been the year of risk? Updates on our 8 predictions appeared first on Hyperproof.

Risk 98

Risk CISO Government Cybersecurity 98

Penetration Testing

JANUARY 3, 2024

” plugin, a staple in over 300,000 WordPress sites, has been hit by a formidable security flaw, identified as CVE-2023-6600. With a CVSS score of... The post CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw appeared first on Penetration Testing.

Penetration Testing 87

Penetration Testing Risk 87

Security Boulevard

MARCH 1, 2023

The post Top 10 Open Source Software Risks of 2023 appeared first on Security Boulevard. This problem has come into focus as more vulnerabilities present themselves and attacks on open source software ecosystems become more.

Software 112

Software Risk Mobile Malware 112

Penetration Testing

JANUARY 21, 2024

This library is cherished for its powerful capabilities... The post Pillow’s Critical Flaw: CVE-2023-50447 Exposes Python Projects to Risk appeared first on Penetration Testing.

Penetration Testing 79

Penetration Testing Risk 79

The State of Security

AUGUST 2, 2022

Rising cybercrime affects everyone, but certain sectors are more at risk than others. In 2023, the auto industry could face particularly significant dangers. Reducing these risks will be crucial as more […]… Read More. Attacks in the automotive space can impact automakers, automotive fleets, and consumers alike.

Risk 104

Risk Cybercrime 104

Penetration Testing

JANUARY 25, 2024

This plugin, cherished for its ability to streamline the daunting task of... The post Over a Million Sites at Risk: Hackers are Exploiting CVE-2023-6933 Flaw in WordPress Plugin appeared first on Penetration Testing.

Penetration Testing 90

Penetration Testing Risk 90

Penetration Testing

NOVEMBER 13, 2023

These vulnerabilities could have allowed attackers to take control of affected systems... The post CVE-2023-5869: Unpatched PostgreSQL Servers at Risk of Arbitrary Code Execution Attacks appeared first on Penetration Testing. The PostgreSQL Global Development Group has released PostgreSQL 16.1,

Penetration Testing 85

Penetration Testing Risk 85

Security Boulevard

JUNE 7, 2023

As you know by now, the final version of the OWASP API Security Top-10 2023 has been released. At first blush, the final 2023 release seems to retain most of the changes in category naming, language and intent from the 2019 edition which we saw in the RC version. In this post, we are going [.]

Risk 67

Risk 67

IT Security Guru

AUGUST 17, 2023

The 2023 Edition of the National Risk Register predicts that, in the next two years, there is a 5 to 25% chance that a devastating attack will target critical infrastructure and cause physical harm. Meanwhile, cyberattacks are getting more sophisticated, increasing the risk of threats such as supply chain attacks and ransomware.

Risk 98

Risk Healthcare Passwords Government 98

The Last Watchdog

DECEMBER 14, 2023

Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? GenAI holds immense potential to supercharge productivity, but if you forget basic security hygiene, you’re opening yourself up to significant risk.

Cybersecurity 234

Cybersecurity Marketing Encryption CISO 234

Anton on Security

JANUARY 10, 2024

So, what did we do differently in 2023? Here are AI our episodes aired in 2023 (we had AI episodes before , but only 3 of them): EP150 Taming the AI Beast: Threat Modeling for Modern AI Systems with Gary McGraw EP146 AI Security: Solving the Problems of the AI Era: A VC’s Insights EP144 LLMs: A Double-Edged Sword for Cloud Security?

Cloud Migration 130

Cloud Migration Government Network Security Risk 130

Security Boulevard

JANUARY 8, 2024

January 9, 2024 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced that NSFOCUS has been named a Major Player in the IDC MarketScape: Worldwide Risk-Based Vulnerability Management Platforms 2023 Vendor Assessment (doc #US50302323, November 2023). SANTA CLARA, Calif.,

Risk 67

Risk Cyber Attacks 67

Heimadal Security

NOVEMBER 21, 2023

A cybersecurity risk assessment is a process organizations go through to identify, categorize, and respond to security risks. The goal is to get an understanding of your overall risk threshold, so you can identify strategies and policies to help reduce it.

Risk 52

Risk Cybersecurity Phishing 52

Security Boulevard

FEBRUARY 17, 2023

in the FBI’s […] The post Threat Spotlight: Threat Intelligence & Geopolitical Risk in 2023 appeared first on Flare | Cyber Threat Intel | Digital Risk Protection. The post Threat Spotlight: Threat Intelligence & Geopolitical Risk in 2023 appeared first on Security Boulevard.

Risk 70

Risk Cyber threats 70

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. High-risk vulnerabilities can cause errors in applications and affect customers’ business. More than a third (39%) used the microservice architecture.

Passwords 100

Passwords Authentication Architecture Risk 100

The Last Watchdog

JULY 11, 2023

Boston, July 7, 2023 — CybSafe, the human risk management platform, has today announced CEO Oz Alashe MBE has been named as a SecurityInfoWatch.com , Security Business and Security Technology Executive magazines’ 2023 Security Industry Innovator Award winner. We are developing intelligent software to help them.”

Cyber Risk 178

Cyber Risk Cyber threats Risk Technology 178

Tech Republic Security

MAY 15, 2023

A new report from Proofpoint provides global insight into CISOs' challenges, expectations and priorities for 2023. The post Survey: Most CISOs feel their business is at risk for cyberattack appeared first on TechRepublic.

CISO 179

CISO Risk Big data Ransomware 179

Trend Micro

FEBRUARY 6, 2024

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.

Risk 104

Risk Cyber threats 104

Security Boulevard

JULY 13, 2023

Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. Permalink The post BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty appeared first on Security Boulevard.

Education 75

Education Risk Architecture CISO 75

Security Boulevard

DECEMBER 15, 2023

Life comes at you fast, and that’s especially true for CISOs grappling with the many compliance risks in cybersecurity. From greater regulatory pressures and heightened privacy standards to increased personal liability, topped off with new rules for artificial intelligence — a lot happened in 2023.

Artificial Intelligence 109

Artificial Intelligence CISO Risk Cybersecurity 109

Security Boulevard

DECEMBER 11, 2023

The post The top cyber security news stories of 2023 appeared first on Click Armor. The post The top cyber security news stories of 2023 appeared first on Security Boulevard.

CISO 125

CISO Security Awareness Phishing Risk 125

Security Boulevard

DECEMBER 28, 2023

Transparency in vulnerability disclosure plays a crucial role in effective risk management, regardless of software development models. The The post 2023 Kubernetes vulnerability roundup appeared first on ARMO. The post 2023 Kubernetes vulnerability roundup appeared first on Security Boulevard.

Software 67

Software Risk 67

Tech Republic Security

DECEMBER 30, 2022

Does your company have a risk management strategy in place that addresses the possibility of a major supplier security failure? The post Don’t overlook supply chain security in your 2023 security plan appeared first on TechRepublic. Supply chain security concerns continue to grow.

Risk 147

Risk 147

InfoWorld on Security

FEBRUARY 28, 2024

Nearly three-quarters of codebases assessed for risk by Synopsis in 2023 contained open source components with high-risk vulnerabilities, according to a just-released report from the company, a provider of application security testing tools. To read this article in full, please click here

Risk 82

Risk 82

Security Boulevard

JULY 22, 2023

In early June 2023, OWASP released the final version of the OWASP API Security Top-10 list update. At that time we published a “hot take” on this final version and followed that up with an in-depth look at the new risk ratings for 2023. The post 2023 OWASP Top-10 Series: Introduction appeared first on Wallarm.

Risk 98

Risk 98

Security Affairs

SEPTEMBER 20, 2023

GitLab rolled out security patches to address a critical vulnerability, tracked as CVE-2023-5009, that can be exploited to run pipelines as another user. GitLab has released security patches to address a critical vulnerability, tracked as CVE-2023-5009 (CVSS score: 9.6), that allows an attacker to run pipelines as another user.

Hacking 115

Hacking Risk Information Security 115

Security Boulevard

DECEMBER 29, 2022

The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Hyperproof. The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Security Boulevard.

InfoSec 70

InfoSec Risk Cyber Attacks CISO 70

Penetration Testing

JANUARY 18, 2024

In a recent discovery, Varonis Threat Labs has unveiled three new ways that cyber attackers can exploit to access NTLM v2 hashed passwords, putting countless systems and user data at risk.

Passwords 110

Passwords Penetration Testing Cyber Attacks Risk 110

Security Boulevard

JUNE 1, 2023

The post Private APIs at Risk: Q1-2023 API ThreatStats™ Report appeared first on Wallarm. The post Private APIs at Risk: Q1-2023 API ThreatStats™ Report appeared first on Security Boulevard. And 90% of organizations use or are planning to use private APIs provided by partners – up from 68% in 2019.

Risk 52

Risk 52