New Google vulnerability: Learn about zero-day CVE-2022-3075 in Chorme web browser  | Fix now >> 

The CyberRisk Summit on-demand: Watch the latest #CRS anytime, anywhere | Watch now  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

8 common cloud misconfiguration types (and how to avoid them)

Cloud misconfiguration refers to any errors, glitches, or gaps in the cloud environment that could pose a risk to valuable information and assets. It occurs when the cloud-based system is not correctly configured by the organization, leading to cyber exposures, security breaches, insider threats, or external hackers. These cloud-threat actors exploit vulnerabilities to gain access… Continue reading 8 common cloud misconfiguration types (and how to avoid them)

The MITRE ATT&CK framework and more – introducing Voyager18

Spend any time in cyber security, and you’ll know how deep the vulnerability rabbit hole goes. Log4j. Spring4shell. Follina. The list goes on and on and on. Security researchers and bug bounty hunters trawl the sprawling wild west of application, network, and cloud environments, in search of the critical openings that might let an attacker… Continue reading The MITRE ATT&CK framework and more – introducing Voyager18

The most common CVEs (and how to fix them)

Every year, MITRE adds thousands of new entries to their Common Vulnerabilities and Exposures (CVE) list. With only a few exceptions, the number of vulnerabilities posted to the list has gone up almost every year, with over four thousand posted already in 2022.  That’s not to say that all CVEs are going to lead to… Continue reading The most common CVEs (and how to fix them)

Most risk-based vulnerability management programs are ineffective

Latest research shows IT security teams are not doing enough to correlate vulnerability data with actual business risk leaving organizations exposed. TEL AVIV, Israel — December 16, 2021 — According to a Vulcan Cyber survey of more than 200 enterprise IT and security executives conducted by Pulse, 86% of respondents rely on third-party vulnerability severity… Continue reading Most risk-based vulnerability management programs are ineffective