HackDig : Dig high-quality web security articles for hackers

The History of Common Vulnerabilities and Exposures (CVE)

During the late 1990s, security professionals were using information assurance tools in concert with vulnerability scanners to detect and remove vulnerabilities from the systems for which they are responsible.There’s just one problem – each security vendor has its own database with little to no crossover. Each vendor’s tool generates its own alert for detect
Publish At:2020-09-17 01:02 | Read:112 | Comments:0 | Tags:Featured Articles Vulnerability Management CVE Patch Managem

VERT Threat Alert: September 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th.In-The-Wild & Disclosed CVEsThere were no in-the-wild or disclosed CVEs included in this month’s security guidance.CVE Breakdown by TagWhile historical Microsoft
Publish At:2020-09-08 23:35 | Read:175 | Comments:0 | Tags:Featured Articles VERT VERT News Vulnerability Management

Identifying the Most Dangerous Common Software and Hardware Weaknesses and Vulnerabilities – The CWE Top 25 (2020 Editio

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE). The CWE Top 25 is a community-developed list of the most dang
Publish At:2020-09-08 17:36 | Read:143 | Comments:0 | Tags:Featured Articles Vulnerability Management CWE vulnerabiliti

New Ponemon Report: A Programmatic Approach to Vulnerability Management for Hybrid Multicloud

X-Force Red is unveiling a new research study, conducted by the Ponemon Institute, that highlights vulnerability management challenges for on-premises and cloud environments: in other words, hybrid multicloud. The report, “The State of Vulnerability Management in the Cloud and On-Premises,” is based on a global survey of 1,848 IT and IT security
Publish At:2020-08-17 07:03 | Read:259 | Comments:0 | Tags:Cloud Security Security Services Software & App Vulnerabilit

Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away

Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise.   The threat is certainly less risky than in the year of discovery. However, in a year in which security priorities have recalibrated to keep up with the c
Publish At:2020-08-06 09:54 | Read:206 | Comments:0 | Tags:Software & App Vulnerabilities Patch Management Shellshock V

Effective Threat Intelligence Through Vulnerability Analysis

Vulnerabilities are weaknesses leveraged by adversaries to compromise the confidentiality, availability or integrity of a resource. The vulnerability ecosystem has matured considerably in the last few years. A significant amount of effort has been invested to capture, curate, taxonomize and communicate the vulnerabilities in terms of severity, impact and com
Publish At:2020-07-30 15:37 | Read:288 | Comments:0 | Tags:Vulnerability Management ENISA Report threat analysis vulner

What’s New in the 2020 Cost of a Data Breach Report

In a world of uncertainty and change, it’s a comfort that some things are consistent year after year. Now in its 15th year, the annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by IBM Security, continues to provide a detailed view of the financial impacts security incidents can have on organizations, with histo
Publish At:2020-07-29 08:52 | Read:269 | Comments:0 | Tags:Data Protection Threat Intelligence Threat Research Cost of

I Have Antivirus; I’m Protected, Right? Mis-steps Customers Make with their Security and Vulnerability Tools

I’ve worked in the IT field for over 30 years. 20 of those years have been spent in the network security field, employed by some of the largest names in the industry. But to my family, I’m still just the guy who “works with computers”.Many of my family are not computer savvy, which is a nice way of saying I had to teach them where the power button is. Howeve
Publish At:2020-07-09 02:16 | Read:427 | Comments:0 | Tags:Featured Articles Vulnerability Management Security Tools vu

Climbing the Vulnerability Management Mountain: Reaching the Summit (VM Maturity Level 5)

Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without a serious commitment to fund and staff the program appropriately across the organization.Reaching ML:5 means tying the program to the business. Everyone must be aligned with the metrics and be rea
Publish At:2020-05-26 04:17 | Read:662 | Comments:0 | Tags:Vulnerability Management VM Mountain vulnerability managemen

The 4 Stages to a Successful Vulnerability Management Program

Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who was effortless at doing things correctly? They had great study habits, they arrived on time, they were prepared and confident in the materials that they studied in class, and they were a consistently high performer at eve
Publish At:2020-05-24 10:11 | Read:409 | Comments:0 | Tags:Vulnerability Management processes vulnerability management

Take a Bite Out of Sweyn

If you work in the healthcare industry, you may have heard about a family of vulnerabilities called “SweynTooth.” Researchers from Singapore first discovered the vulnerabilities in 2019. After waiting 90 days to announce them, which is part of the responsible disclosure process, they published a technical paper. If you are not familiar with the S
Publish At:2020-05-24 06:18 | Read:432 | Comments:0 | Tags:Application Security Healthcare Security Services Software &

5G Technology: How to Make Sure the Benefits Outweigh the Security Risks

It’s hard not to say that 5G technology brings a lot of benefits. 5G entails faster download speeds, and yes, if you have a 5G-enabled handset, you could hear and appreciate the speed increases for videos, gaming, etc. However, 5G provides added benefits that go way above those for the everyday user.Let’s take a look at the high speed and low latency of 5G.
Publish At:2020-04-19 23:42 | Read:664 | Comments:0 | Tags:Vulnerability Management cyberattack Network Security Techno

Mr and Mrs CISO: Security in the Age of the Lockdown

With so many of us frantically learning to juggle our roles as parents, workers and most recently teachers; is it just my wife and I who feel it necessary to monitor the online activity of our teenagers during this lockdown? Sure, there’s rich educational content out there, but it sits amongst social networks, streaming services, gaming consoles and a world
Publish At:2020-03-30 05:25 | Read:711 | Comments:0 | Tags:Featured Articles IT Security and Data Protection controls V

Do You Know Your Responsibilities When It Comes to Container Security?

As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of havin
Publish At:2020-03-24 07:55 | Read:717 | Comments:0 | Tags:Cloud Security Application Development Application Security

2020 Tax Fraud Trends: How to Protect Yourself at Home and Work

The tax season deadline in the U.S. is April 15, 2020, and that means scammers are officially on the prowl for unsuspecting tax fraud victims. Attackers are utilizing both time-tested and new techniques to collect tax information and personal data from victims and target individual and corporate accounts. No one is immune from tax season risks, and most of u
Publish At:2020-03-17 10:37 | Read:830 | Comments:0 | Tags:Fraud Protection Bank Fraud Email Fraud Fraud Schemes Identi

Tools

Tag Cloud