Americas

Asia

Europe

Oceania

  • Australia
Popular Topics

Topics

About

Policies

Our Network

More

HomeVulnerabilities

Vulnerabilities

Vulnerabilities | News, how-tos, features, reviews, and videos

Jump to
Latest Articles Events Resources Podcasts
feature
Image

3 ways to fix old, unsafe code that lingers from open-source and legacy programs

Code vulnerability is not only a risk of open-source code, with many legacy systems still in use — whether out of necessity or lack of visibility — the truth is that cybersecurity teams will inevitably need to address the problem.

By Maria Korolov
29 Nov 20239 mins
Security PracticesVulnerabilitiesSecurity
news
Image

Flaw in Citrix software led to the recent cyberattack on Boeing: Report

By Gagandeep Kaur
22 Nov 20233 mins
VulnerabilitiesSecurity
news
Image

MOVEit carnage continues with over 2600 organizations and 77M people impacted so far

By Gagandeep Kaur
21 Nov 20233 mins
Data BreachVulnerabilities
news analysis

Intel patches high-severity CPU privilege escalation flaw

By Lucian Constantin
15 Nov 20234 mins
Vulnerabilities
news analysis

Cisco patches serious flaws in Firepower and Identity Services Engine

By Lucian Constantin
06 Nov 20234 mins
Network SecurityVulnerabilities
feature

12 notable bug bounty programs launched in 2023

By Michael Hill
06 Nov 202312 mins
HackingSecurity PracticesVulnerabilities
news analysis

HelloKitty ransomware deployed via critical Apache ActiveMQ flaw

By Lucian Constantin
02 Nov 20234 mins
RansomwareMalwareNetwork Security
news

iLeakage updates Spectre for novel info-stealing side-channel attack

By Shweta Sharma
31 Oct 20236 mins
CyberattacksCyberattacksCybercrime
news

Failure to verify OAuth tokens enables account takeover on websites

By Lucian Constantin
27 Oct 20237 mins
AuthenticationAuthenticationAuthentication

Articles

news

Gitlab fixes bug that exploited internal policies to trigger hostile pipelines

It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies.

By Shweta Sharma
21 Sep 2023 3 mins
Vulnerabilities
feature

Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report

CISA’s recommendations for vendors, developers, and end-users promote a more secure software ecosystem.

By Chris Hughes
21 Sep 2023 8 mins
Zero TrustThreat and Vulnerability ManagementSecurity Practices
news

Microsoft reveals memory corruption bugs in ‘ncurses’ library

The research reveals that the vulnerabilities can allow attackers to gain unauthorized access to systems and data by modifying a program’s memory.

By Shweta Sharma
18 Sep 2023 3 mins
Vulnerabilities
news analysis

Automotive supply chain vulnerable to attack as cybersecurity regulation looms

Almost two-thirds of automotive industry leaders believe their supply chain is vulnerable to cyberattacks, with many behind the curve on upcoming international regulation.

By Michael Hill
14 Sep 2023 5 mins
RegulationRegulationRegulation
news analysis

New Kubernetes vulnerability allows privilege escalation in Windows

Attackers can abuse YAML configuration files to execute malicious commands in Windows hosts.

By Lucian Constantin
13 Sep 2023 4 mins
DevSecOpsApplication SecurityVulnerabilities
news analysis

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Microsoft flagged the now-patched vulnerabilities as important, and they serve as a reminder to implement proper XSS defenses.

By Lucian Constantin
13 Sep 2023 5 mins
Internet SecurityVulnerabilities
feature

Emerging cyber threats in 2023 from AI to quantum to data poisoning

In cybersecurity’s never-ending cat-and-mouse game with hackers and grifters, the threats are always evolving. Here are some of the main attacks experts see as the biggest and baddest on the horizon.

By Mary K. Pratt
07 Sep 2023 10 mins
Advanced Persistent ThreatsAdvanced Persistent ThreatsAdvanced Persistent Threats
news

New research reveals most-attacked, most-vulnerable assets

While medical devices are the most susceptible to unpatched CVEs, operational technology assets are the most attacked.

By Michael Hill
05 Sep 2023 4 mins
Critical InfrastructureNetwork SecurityVulnerabilities
news

Expect SQL Server failures as Microsoft disables old TLS in Windows

Microsoft has decided to pull back support for Transport Layer Security versions 1.0 and 1.1 in upcoming Windows rollouts.

By Shweta Sharma
05 Sep 2023 3 mins
Windows SecurityVulnerabilities
feature

How attackers exploit QR codes and how to mitigate the risk

Attackers are taking advantage of the increased use of QR codes to steal sensitive information or conduct phishing campaigns. Here's what security teams and employees need to know.

By Bob Violino
05 Sep 2023 8 mins
Mobile SecurityMobile SecurityMobile Security
news analysis

Chinese hackers deploy new malware to hinder Barracuda ESG remediation efforts

The fast response to mitigation attempts shows a high level of sophistication to extend what is likely a cyberespionage campaign.

By Lucian Constantin
30 Aug 2023 7 mins
Advanced Persistent ThreatsMalwareVulnerabilities
news analysis

Recently patched Juniper firewall flaws allow remote code execution

Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found.

By Lucian Constantin
29 Aug 2023 6 mins
Remote Access SecurityNetwork SecurityVulnerabilities
View all

Resources

whitepaper

Test & Learn - The ultimate guide to delivering high quality, high impact products

This year, the Progressive Delivery and Experimentation Summit,
brought together nearly 1500 professionals. Leaders from Product, Engineering,
and Data presented frameworks for adapting software development and delivery
practices

The post Test & Learn – The ultimate guide to delivering high quality, high impact products appeared first on Whitepaper Repository.

By Optimizely
18 Sep 2023
Business OperationsFinance and Accounting SystemsMarketing Software
Image
whitepaper

Modernize and Scale on AWS

By Koan
22 Aug 2023
Amazon Web ServicesCloud ManagementIT Management
Image
whitepaper

The Total Economic Impact(TM) Of Optimizely Digital Experience Platform

By Optimizely
06 Aug 2023
Business OperationsFinance and Accounting SystemsMarketing Software
Image
View all

Video on demand

video

Printers: The overlooked security threat in your enterprise | TECHtalk

Printers, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online's J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network.

07 Nov 2019 20 mins
HackingPrintersVulnerabilities
See all videos

Explore a topic

Show me more

news

UK CSO 30 Awards 2023 winners announced

By Romy Tuin
05 Dec 20234 mins
CSO and CISO
Image
news analysis

Deepfakes emerge as a top security threat ahead of the 2024 US election

By Cynthia Brumfield
05 Dec 20237 mins
Election HackingGovernmentSecurity Practices
Image
feature

How cybersecurity teams should prepare for geopolitical crisis spillover

By Christopher Whyte
05 Dec 202312 mins
Advanced Persistent ThreatsThreat and Vulnerability ManagementRisk Management
Image
podcast

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

20 Nov 202315 mins
CSO and CISO
Image
podcast

CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University

16 Oct 202315 mins
CSO and CISO
Image
podcast

CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape

10 Oct 202316 mins
CSO and CISO
Image
video

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

20 Nov 202315 mins
CSO and CISO
Image
video

AI and Cybersecurity: Speed Bumps, Training, and Communication

06 Nov 202317 mins
CyberattacksGenerative AI
Image
video

CSO Executive Sessions Australia with Robbie Whittome

16 Oct 202315 mins
CSO and CISO
Image