CISA Cites Modest Progress in Reducing CVEs

CISA highlighted advancements related to two Cybersecurity Performance Goals (CPGs) it first introduced in October 2022 ...
Security Boulevard

CACTUS Qlik Ransomware: Vulnerabilities Exploited

A cyberattack campaign dubbed the CACTUS Qlik Ransomware has become prominent in ransomware attacks on BI systems. Researchers have warned of threat actors exploiting three Qlik security vulnerabilities to target different organizations ...

Microsoft Vulnerabilities Top CISA’s List of Ransomware-Linked CVEs

Microsoft products, including Windows and Exchange Server, are highly targeted, accounting for most CVEs used in ransomware attacks ...
Security Boulevard

Coalition Forecasts CVE Disclosure Spike in 2023

Coalition, a provider of cyberinsurance, today published a report that predicted a 13% increase in the average number of vulnerabilities disclosed per month in 2023. The report estimated more than 1,900 additional ...
Security Boulevard

Report Surfaces Top Vulnerabilities of 2022

Rezilion, a vulnerability management platform provider, shared a list of the top vulnerabilities discovered in 2022. The report suggested that organizations should address these before the start of the New Year if ...
Security Boulevard
How to Comply With the US Government’s Strict Software Requirements

We break down H.R. 7900, a well-intentioned but perhaps unrealistic bill that requires companies working with the DoD to provide a software bill of materials (SBOM) and patch all known vulnerabilities. The ...
How to Comply With the DoD’s Newer and Stricter Software Requirements

We break down H.R. 7900, a well-intentioned but perhaps unrealistic bill that requires companies working with the DoD to provide a software bill of materials (SBOM) and patch all known vulnerabilities. The ...
CVE/NVD Failed to Report and Detail 27.3% of Vulnerabilities in 2022 H1

Today, Flashpoint releases the State of Vulnerability Intelligence: 2022 Midyear Edition, a report designed to help organizations understand and properly contextualize the vulnerability landscape. The post CVE/NVD Failed to Report and Detail ...
Imperva Protects from New Spring Framework Zero-Day Vulnerabilities

New zero-day Remote Code Execution (RCE) vulnerabilities were discovered in Spring Framework, an application development framework and inversion of control container for the Java platform. The vulnerability potentially leaves millions of applications ...