Security vulnerabilities news stories
Secureworks reveals new information on BRONZE STARLIGHT threat group
New research from Secureworks has uncovered new information on the Chinese threat group BRONZE STARLIGHT and how they are using targeted ransomware to initiate complicated attacks.
Forescout reveals top vulnerabilities impacting OT vendors
Forescout’s Vedere Labs has disclosed OT: ICEFALL, naming 56 vulnerabilities affecting devices from 10 operational technology vendors.
Advent One partners with US vulnerability management company
Advent One has partnered with New York based vulnerability management company, Vicarius to accentuate cybersecurity detection and response capabilities
Sophos uncovers latest cyber attack trends in Playbook report
Research finds that there has been a 36% increase in cyber attack dwell time, with a median intruder dwell time of 15 days in 2021 versus 11 days in 2020.
New Qualys solution enables better vulnerability management
The new cloud-based solution gives insights into an organisation's risk posture along with the ability to use drag and drop workflows to orchestrate responses.
Robotic Process Automation / RPA
Micro Focus unveils Data Center Automation for SaaS delivery
MicroFocus has released Data Center Automation (DCA) for software-as-a-service (SaaS) delivery, offering more cost-effective vulnerability risk and IT compliance management.
Armis risk management solution hones in on entire attack surface
Armis' new solution for risk-based vulnerability management enables businesses to prioritise mitigation efforts across the entire asset attack surface.
Elevation of Privilege the top 2021 Microsoft vulnerability
BeyondTrust has released its 2022 Microsoft Vulnerabilities Report, finding that Elevation of Privilege is the top vulnerability category for the second consecutive year.
New Relic launches vulnerability management platform
New Relic has introduced New Relic Vulnerability Management to help organisations find and address security risks faster and with greater precision.
New vulnerabilities found in Nuspire’s Q1 2022 Threat Report
“Threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and attacks still persists."
Qualys updates Cloud Platform solution with rapid remediation
The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
How zero trust and SD-WANs can support productive remote working
The way people connect with applications and data has changed, users are remotely accessing resources that could be stored anywhere from a corporate data center to the cloud.
Developments in phishing and how to protect your business
Phishing, the practice of sending malicious emails to encourage users to perform actions that benefit an attacker, is a key security concern for modern businesses due to its prevalence and impact.
NCSC, international partners issue cyber security advisory
The National Cyber Security Centre (NCSC) has issued a cyber security advisory in collaboration with its international partners detailing common vulnerabilities and exposures.
Attacks on critical infrastructure continue - Trellix report
“We’re at a critical juncture in cybersecurity and observing increasingly hostile behaviour across an ever-expanding attack surface."
Vulnerabilities on the rise - public sector at risk
New Invicti Research has found that vulnerabilities are rising, and that government and education sectors are particularly at risk.
Widespread threats increase by 38% in 2021 - Rapid7 report
Rapid7 has released its latest Vulnerability Intelligence Report detailing the most significant security vulnerabilities and cyber attacks in 2021.
Four ways to secure cloud workloads and your crown jewels
Organisations need to understand what makes cloud workloads so vulnerable, how attacks play out and why adopting runtime protection is the best practice approach.
The patch management challenge
We all know that patching is important, so why is the physical process for updating systems across the enterprise still so difficult?
New report shows increase of ICS vulnerabilities in critical infrastructure
The amount of Industrial Control System (ICS) vulnerabilities in critical infrastructure sectors have been found to have increased by 110% over the last four years, according to a new report by Claroty.
Five cyber threat trends and what they mean to your business
The recent Russia-Ukraine crisis has unearthed the worrying possibilities of widespread cybersecurity threats, further highlighting the importance of the role threat intelligence plays in protecting infrastructure.
Kaspersky uncovers multiple vulnerabilities in wearable tracking technology
Kaspersky's researchers have found 33 vulnerabilities in the most commonly used protocol for transferring data from wearable devices worn by patients for remote monitoring.
Qualys adds advanced remediation capabilities to Cloud Platform
The new update enables organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
Nucleus Security teams up with Mandiant to enhance vulnerability management programs with threat intelligence
Nucleus Security has entered into a strategic partnership with Mandiant, the leader in dynamic cyber defense and response.