NIST Wants Help Digging Out of Its NVD Backlog
The National Vulnerability Database can't keep up, and the agency is calling for a public-private partnership to manage it going…
The National Vulnerability Database can't keep up, and the agency is calling for a public-private partnership to manage it going…
Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.
Government proposes more modern and comprehensive cybersecurity regulations for businesses, government, and critical infrastructures providers Down Under.
NVD may be in peril, and while alternatives exist, enterprise security managers will need to plan accordingly to stay on…
Microsoft has disclosed fewer flaws and zero-days in the first three months of 2024 compared with the first quarter of…
The Water Hydra cyberattacker group is one adversary using the zero-days to get past built-in Windows protections.
Also in this issue: How the SEC's reporting rules are being weaponized, quishing attacks plaguing execs, and tabletop exercises making…
Both China-backed APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation.
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local…
CVE-2023-7024, exploited in the wild prior to patching, is a Chrome vulnerability that allows remote code execution within the browser's…