During the late 1990s, security professionals were using information assurance tools in concert with vulnerability scanners to detect and remove vulnerabilities from the systems for which they are responsible.There’s just one problem – each security vendor has its own database with little to no crossover. Each vendor’s tool generates its own alert for detect

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th.In-The-Wild & Disclosed CVEsThere were no in-the-wild or disclosed CVEs included in this month’s security guidance.CVE Breakdown by TagWhile historical Microsoft

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE). The CWE Top 25 is a community-developed list of the most dang

X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,” is based on a global survey of 1,848 IT and IT security

Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise.   The threat is certainly less risky than in the year of discovery. However, in a year in which security priorities have recalibrated to keep up with the c

Vulnerabilities are weaknesses leveraged by adversaries to compromise the confidentiality, availability or integrity of a resource. The vulnerability ecosystem has matured considerably in the last few years. A significant amount of effort has been invested to capture, curate, taxonomize and communicate the vulnerabilities in terms of severity, impact and com

In a world of uncertainty and change, it’s a comfort that some things are consistent year after year. Now in its 15th year, the annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by IBM Security, continues to provide a detailed view of the financial impacts security incidents can have on organizations, with histo

I’ve worked in the IT field for over 30 years. 20 of those years have been spent in the network security field, employed by some of the largest names in the industry. But to my family, I’m still just the guy who “works with computers”.Many of my family are not computer savvy, which is a nice way of saying I had to teach them where the power button is. Howeve

Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without a serious commitment to fund and staff the program appropriately across the organization.Reaching ML:5 means tying the program to the business. Everyone must be aligned with the metrics and be rea

Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who was effortless at doing things correctly? They had great study habits, they arrived on time, they were prepared and confident in the materials that they studied in class, and they were a consistently high performer at eve

If you work in the healthcare industry, you may have heard about a family of vulnerabilities called “SweynTooth.” Researchers from Singapore first discovered the vulnerabilities in 2019. After waiting 90 days to announce them, which is part of the responsible disclosure process, they published a technical paper. If you are not familiar with the S

It’s hard not to say that 5G technology brings a lot of benefits. 5G entails faster download speeds, and yes, if you have a 5G-enabled handset, you could hear and appreciate the speed increases for videos, gaming, etc. However, 5G provides added benefits that go way above those for the everyday user.Let’s take a look at the high speed and low latency of 5G.

With so many of us frantically learning to juggle our roles as parents, workers and most recently teachers; is it just my wife and I who feel it necessary to monitor the online activity of our teenagers during this lockdown? Sure, there’s rich educational content out there, but it sits amongst social networks, streaming services, gaming consoles and a world

As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of havin

The tax season deadline in the U.S. is April 15, 2020, and that means scammers are officially on the prowl for unsuspecting tax fraud victims. Attackers are utilizing both time-tested and new techniques to collect tax information and personal data from victims and target individual and corporate accounts. No one is immune from tax season risks, and most of u