Vulnerabilities

Unlocking Near-Zero Downtime Patch Management With High Availability Clustering

Margaret Hoagland | April 18, 2025 | application downtime, Cybersecurity, failover, high availability, patch management, zero-day exploits

Using high availability (HA) clustering to test patches and updates more easily and to apply them in production environments with near-zero application downtime. ...

Security Boulevard

What’s happening with MITRE and the CVE program uncertainty

Brian Fox | April 16, 2025 | CVE, Cybersecurity, open source, Thought Leaders, Vulnerabilities

Yesterday's headlines have sent ripples through the cybersecurity and software supply chain communities: MITRE announced that U.S. government funding for the CVE (Common Vulnerabilities and Exposures) database was set to expire today ...

2024 Sonatype Blog

CVE Program Almost Unfunded

Bruce Schneier | April 16, 2025 | DHS, national security policy, Uncategorized

Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled, as the US Department of Homeland Security failed to renew the contact. It was funded ...

Schneier on Security

In traditional Chinese writing, the word for “crisis” combines the characters for “danger” and “opportunity”

MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’

These are “interesting” times: U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16 ...

Security Boulevard

Prophylactic Cybersecurity for Healthcare

Billy Hoffman | April 15, 2025 | Attack Surface Management, third party attacks, threat exposure management, Vulnerability Management

How to Be Proactive in a Reactive World In healthcare, preventative medicine is always more effective, less costly, and has better outcomes than waiting until after a serious heart incident occurs. It’s ...

IONIX Blog: Cybersecurity Insights & News

Simultaneous Visions by Umberto Boccioni

Reasoning in the Age of Artificial Intelligence

Lately, I often hear people asking: “Will Artificial Intelligence replace my job?” Perhaps you’ve had this thought too. More than just a matter of the job market or salary expectations, this question ...

MICROHACKERS

Visual overview of the DICOM file format. The start of the file is the Preamble with multiple sections as discussed above.

ELFDICOM: PoC Malware Polyglot Exploiting Linux-Based Medical Devices

Harry Hayward | April 11, 2025 | Vulnerability Research

A high severity vulnerability in DICOM, the healthcare industry’s standard file protocol for medical imaging, has remained exploitable years after its initial disclosure. The flaw enables attackers to embed malicious code within ...

Security Blog | Praetorian

Navigating New Cyber-Physical System Security Regulations

John Gallagher | April 11, 2025 | Blog, Compliance, CPS, cyber, regulations, remediation, Vulnerabilities

Cyber-Physical Systems (CPS) are no longer the stuff of science fiction; they are woven into the fabric of our daily lives, organizations, and critical infrastructure. From smart grids managing our power to ...

Viakoo, Inc

How to Prove the ROI of Your Vulnerability Management Metrics to the Board?

Shubham Jha | April 11, 2025 | Vulnerability Management, vulnerability management metrics

The ROI of Vulnerability Management comes down to the metrics—these might sound boring, but they are the magic numbers that decide whether security spending should be considered a cost or... The post ...

Strobes Security

NIST CSF vulnerabilities ransomware backlog

NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue

Jeffrey Burt | April 9, 2025 | app vulnerabilities, NIST, NIST CVE Backlog, security flaw

NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to ...

Security Boulevard