Common Vulnerabilities and Exposures (CVE) stories - Page 8

We see 2024 shaping up to be the defining moment where AI may become the profound battleground in cybersecurity.

Armis's report shows cyber attacks globally doubled in 2023, with utilities and manufacturing sectors the hardest hit.

Less than 1% of security vulnerabilities created the highest risks to businesses in 2023, with 97 high-risk vulnerabilities exploited undetected, says Qualys Threat Research Unit report.

Suspected espionage group UNC5221 exploited two zero-day vulnerabilities in Ivanti VPN and security appliances, using multiple custom malware families for post-exploitation espionage.

Over 40% of firms struggle to tackle vulnerabilities in the rising complexity of software supply chains, despite sizeable resource allocation, says Slim.AI's recent Container Report.

Kaspersky's GReAT team has uncovered an undisclosed iPhone hardware feature used in Operation Triangulation attacks.

Efforts to mitigate the Log4j vulnerability involve updating to patched versions of Log4j, but the process continues to be complex.

Team82 at Claroty uncovers substantial cybersecurity vulnerabilities in Operational Technology protocol clients, showing potential for full system control.

With all the benefits the cloud has to offer, it also introduces a new set of challenges, particularly for industries where security and compliance are priorities.

OpenSSF introduces new members including Patchstack and SparkFabrik, and outlines secure software development principles.

Rising cybersecurity threats prompt a shift from traditional, vulnerable password methods to phishing-resistant authentication solutions.

Check Point's latest Global Threat Index exposes a surge in Remote Access Trojan NJRat and an AgentTesla campaign.

Action1 Corp. is releasing an enterprise IT security solution integrating automated vulnerability remediation workflows.

CAST has launched their autumn release of software intelligence product, CAST Highlight, designed to enhance cloud migration and optimisation.

Azul's inaugural State of Java survey highlights Java's vital role in global tech, with 98% of firms reporting usage.

BackBox launches Network Vulnerability Manager, a tool for automated risk assessment and efficient remediation.

Hackuity, the risk-based vulnerability management provider, has launched Version 2.0 of its platform with major enhancements to support risk prioritisation.

Security Journey unveils tailored secure coding courses aimed at enhancing software security and regulatory compliance.

Keeper Security, a leader in password management, has become the first company in its field to join the CVE programme as a CNA.

Major security flaw, 'Looney Tunables', detected in glibc, threatens Linux distributions, urgent patch recommended.