Vulnerability Management

Most Recent

Related events

Related Videos

A 3D-Illustration of the word Linux on metallic cubes

Vulnerability Management

Linux kernel flaw added to CISA’s exploited vulnerabilities list

Steve ZurierFebruary 6, 2025

Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.

Vulnerability Management

CISA: Actively exploited Linux kernel flaw requires immediate remediation

SC StaffFebruary 6, 2025

Such a vulnerability — which stems from a USB Video Class driver out-of-bounds write issue that could be exploited for privilege escalation — may have been used by forensic data extraction tools, according to the GrapheneOS development team.

Critical Veeam updater bug patched. (Adobe Stock)

Vulnerability Management

Veeam Updater receives update for critical RCE flaw

Laura FrenchFebruary 5, 2025

The vulnerability affects Veeam Backup for Salesforce, AWS, Microsoft Azure, Google Cloud and more.

Vulnerability Management

Build a vulnerability management program with internet exposure in mind

Aaron Unterberger February 5, 2025

Teams need to adapt their vulnerability management programs to the reality that most of their business today runs on the internet.

Network Security

Actively exploited Zyxel router bugs require immediate model upgrades

SC StaffFebruary 5, 2025

Included in the affected CPE Series router models were VMG1312-B10A, VMG1312-B10B, VMG1312-B10E, VMG3312-B10A, VMG3313-B10A, VMG3926-B10B, VMG4325-B10A, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, SBG3300, and SBG3500, according to Zyxel.

AI/ML

Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service

Laura FrenchFebruary 4, 2025

The flaw enabled authentication bypass by spoofing, with a proof-of-concept exploit available.

North Korea flag with circuitry and fingerprint

Vulnerability Management

FlexibleFerret malware targets the macOS via North Korea job campaign

Steve ZurierFebruary 4, 2025

New malware strain a continuation of the North Korean Contagious Interview job lure campaign first described last December.

Application security

Threat Modeling That Helps the Business – Sandy Carielli, Akira Brand – ASW #316

February 4, 2025

Threat modeling has been in the appsec toolbox for decades. But it hasn't always been used and it hasn't always been useful. Sandy Carielli shares what she's learned from talking to orgs about what's been successful, and what's failed, when they've approached this practice. Akira Brand joins to talk about her direct experience with building threat ...

Vulnerability Management

Related events

Exposure management: How organizations can use it to build cyber resilience

CISO Perspectives to Improve/Optimize Vulnerability Management

Balancing Act: Prioritizing Vulnerabilities and Misconfigurations in Vulnerability Management

Related Videos

Transform cybersecurity with process mining

Security for the modern workforce

Log4j vulnerability response for banks: ‘This is not a quick process’

Linux kernel flaw added to CISA’s exploited vulnerabilities list

CISA: Actively exploited Linux kernel flaw requires immediate remediation

Veeam Updater receives update for critical RCE flaw

Build a vulnerability management program with internet exposure in mind

Actively exploited Zyxel router bugs require immediate model upgrades

Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service

FlexibleFerret malware targets the macOS via North Korea job campaign

Threat Modeling That Helps the Business – Sandy Carielli, Akira Brand – ASW #316