Security vulnerabilities stories - Page 7

Coding Labs mechanisms allow developers to move from learning to applying secure coding knowledge more efficiently, leading to fewer code vulnerabilities.

The Vectra Protect team identified a post-exploitation opportunity in August, allowing malicious actors to steal valid user credentials from Microsoft Teams.

The Claroty research team (Team82) has found seven vulnerabilities in Dataprobe's iBoot-PDU, the company's intelligent power distribution unit product.

The most significant and most exploited cybersecurity vulnerability of any New Zealand organisation is its people.

Vulnerability disclosures impacting IoT devices increased by 57% in the first half of 2022 compared to the previous six months.

Check Point Software uncovers vulnerabilities in Xiaomi's mobile payment system, potentially affecting up to 1 billion users. Fixes have been provided.

Tenable has announced additions to Tenable Cloud Security that represent the next step in assessing threats related to cloud vulnerabilities.

The vulnerability disclosure landscape is highly volatile, with unreported vulnerabilities and inaccurate scoring, according to Flashpoint.

Report reveals heavy use of software vulnerabilities matching opportunistic behaviour of threat actors who search for weak points.

Claroty’s research arm (Team82) has uncovered and disclosed two critical vulnerabilities in FileWave’s Mobile Device Management (MDM) system.

Rapid7 enhances InsightCloudSec with layered context capabilities, providing security teams with a consolidated, real-time view of risk signals.

Sophos has revealed that the ransomware gang BlackCat has added Brute Ratel, a pentesting tool, to its arsenal of attack tools.

Hackers are exploiting security vulnerabilities faster than ever before, with the average time to exploitation down from 42 days to just 12 days.

New research from Secureworks reveals that Chinese threat group BRONZE STARLIGHT is using targeted ransomware as a smokescreen for cyber espionage.

Forescout’s Vedere Labs has disclosed OT: ICEFALL, naming 56 vulnerabilities affecting devices from 10 operational technology vendors.

Advent One has partnered with New York based vulnerability management company, Vicarius to accentuate cybersecurity detection and response capabilities.

Research finds that there has been a 36% increase in cyber attack dwell time, with a median intruder dwell time of 15 days in 2021 versus 11 days in 2020.

The new cloud-based solution gives insights into an organisation's risk posture along with the ability to use drag and drop workflows to orchestrate responses.

MicroFocus has launched Data Center Automation for SaaS delivery, providing cost-effective vulnerability risk and compliance management.

Armis' new solution for risk-based vulnerability management enables businesses to prioritise mitigation efforts across the entire asset attack surface.

BeyondTrust's 2022 Microsoft Vulnerabilities Report reveals that Elevation of Privilege is the top vulnerability category for the second year running.

New Relic has introduced New Relic Vulnerability Management to help organisations find and address security risks faster and with greater precision.

Nuspire's Q1 2022 Threat Report reveals surge in threat actor activity as new vulnerabilities emerge. Mirai, STRRAT and Emotet see a resurgence.

The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.