Vulnerability Management News, Articles and Updates

Intelligent defence in the era of global distributed cyber-crime

In the fight against cyber-crime, automation and centralisation enable vulnerability management and incident response teams to dedicate even more resources to acting on intelligence rather than gathering and analysing it.

Getting smarter vulnerability management by applying some intelligence

Brian Chappell explains how technology can help us make sure we are focusing on the right things that will deliver the biggest bang for our buck, after all, only a small percentage of the vulnerabilities we have are easy to exploit.

RSA: Thousands of Android apps found to be vulnerable

Vulnerability testing by CERT found tens of thousands of Androd apps are vulnerable and no full register exists as they don't all get CVE assigned.

EU regulations - Always expect the worst as it's already happening

A pessimistic approach to future threats is advised by Chris McIntosh as the necessary attitude to minimise the extent to which they happen, and bolster our preparedness to cope if and when they do.

Real threats start with humans, not technology

When the two IPs meet (intellectual property and internet protocol) the value of the business becomes vulnerable says Dave King, with IT often just providing a sticking plaster to hide C-suite ignorance.

Microsoft to fix eight bugs, two critical, on Patch Tuesday

Microsoft's upcoming Patch Tuesday will address remote code execution vulnerabilities, elevation of privileges, a security feature bypass and a denial-of-service issue across various platforms.

UK firms urged to patch IGX industrial control systems

Major manufacturers and industrial companies in the UK, US and over 30 other countries are being urged to adopt a rapidly-released fix to their IntegraXor (IGX) industrial control software.

Bitcoin's value surges amid spate of ransomware attacks

The risk of ransomware attacks is surging as virtual currency Bitcoin's value rockets.

Secunia apologises over vulnerabilty disclosure on mailing list

Vulnerability management firm Secunia has apologised after an undisclosed vulnerability was sent to a public emailing list.

Dell SecureWorks adds cloud-based vulnerability management and web application scanning services

Dell SecureWorks has introduced vulnerability management and web application scanning services for the cloud.

Microsoft to deliver 13 security patches for 26 bugs

After a quiet January Patch Tuesday that saw only one security update, Microsoft is back with a vengeance this month.

IIS issue not a new vulnerability, says Microsoft

Microsoft has shot down reports that its Internet Information Services (IIS) suffers from a vulnerability, saying that customers only need to worry if they are running a nondefault configuration of the web server.