Runtime Application Security: Made to Protect Against LOG4J2 Attacks

A recently discovered vulnerability in LOG4J2 (also referred to as LOG4SHELL) is being widely reported as one of the most dangerous vulnerabilities in application software to date. There is already news that ...

Fifth Record Year in a Row for Vulnerabilities

On December 8, 2021, we just hit another milestone with the number of vulnerabilities recorded in the US CERT Vulnerability Database (so far in 2021) exceeding the total count in 2020, marking ...

The Security Implications of Application Proliferation

The proliferation of applications in the wake of COVID and more employees than ever working from home should not be a surprise to anyone. The worry, though, is whether organizations have taken ...

Historic scientific notation bug foils WAF defenses

A new article in the Daily Swig discloses that security researchers have discovered that a historic vulnerability affecting both MySQL and MariaDB databases caused serious flaws for security technologies, specifically Web Application ...

On Track for Fifth Record Year in a Row for Vulnerabilities

Last year, K2 Cyber Security reported that the US-CERT Vulnerability Database hit a record number of vulnerabilities recorded for the fourth year in a row on December 15, 2020. As of last ...

U.S., UK and Australia Issue Joint Cybersecurity Advisory

As vulnerabilities are discovered, advisories are issued, remedies and mitigations are shared and then the onus is on the end user and/or company to do what’s necessary to close the window into ...
Security Boulevard

2020’s Record Numbers of Vulnerabilities

The final numbers for reported vulnerabilities in 2020 are published. We covered the news when the number of vulnerabilities recorded hit a record for the fourth year in a row. The US-CERT ...

Fourth Record Year in a Row for Vulnerabilities

On December 15, 2020, we just hit another milestone with the number of vulnerabilities recorded in the US CERT Vulnerability Database (so far in 2020) exceeding the total count in 2019, marking ...

U.S. Infrastructure Vulnerable to Russia (and Others)?

The U.S. Cyber Emergency Response Team (US-CERT) issued an alert March 15, “Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors” – Alert TA18-074A. It wasn’t necessarily an ah-ha moment ...
Security Boulevard

The Implications of US-CERT’s Concerns of Russia Targeting Critical Infrastructure

A US-CERT warning about Russian government activity targeting energy companies and other organizations has elevated concerns about the vulnerability of U.S. critical infrastructure sectors to damaging cyber attacks. Many see the alert as ...
Security Boulevard