Vulnerabilities/Threats

Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.

Using blockchain, multifactor authentication, or signatures can help boost authentication security and reduce fraud.

"WhisperGate" malware was used to overwrite Master Boot Record and other files to render systems inoperable at several organizations in Ukraine, Microsoft says.

VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.

CISA issues alert for senior leadership of US organizations amid rising tensions between Russia and Ukraine.

Cross-site scripting and broken access controls continued to be the top classes of vulnerabilities researchers discovered, according to Bugcrowd's annual vulnerability report.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Consistent acquisition of key technologies and talent is a proven strategy for growth.

Timing of the move has evoked at least some skepticism from security experts about the country's true motives.

An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.

The Log4j vulnerability is only the latest security flaw to have global impact, prompting the Biden administration and software developers to pledge to produce more secure software.

The next five years will bring the widespread use of hyperautomation in patch management. Part 3 of 3.

A series of attacks against small and medium-sized businesses has led to major cryptocurrency losses for the victims.

Major cloud providers are vulnerable to exploitation because a single flaw can be turned into a global attack using trusted core services.

The reward is always front of mind, while the potential harm of giving out a phone number doesn't immediately reveal itself.