Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) – How to Detect and Remediate

Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) – How to Detect and Remediate

Today, Microsoft released patch for CVE-2020-0601, a vulnerability in windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. This was discovered and reported by National Security Agency (NSA) Researchers. The ...
Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)

Citrix released a security advisory (CVE-2019-19781) for a remote code execution vulnerability in Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability allows an unauthenticated remote attacker to execute arbitrary ...

Vulnerability Management Program Best Practices

An enterprise vulnerability management program can reach its full potential when it is built on well-established foundational goals that address the information needs of all stakeholders, when its output is tied back ...
Methuselah small

Climbing the Vulnerability Management Mountain: Reaching Maturity Level 1

The time at ML:0 can be eye-opening form many organizations. There are generally a lot of assets discovered that are new or had been forgotten about. Almost every organization discovers their own ...
Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)

Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)

Cisco published an update for Cisco IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of Cisco ...

How to Build a Mature Vulnerability Management Program

The evolution of the cyber threat landscape highlights the emerging need for organizations to strengthen their ability to identify, analyze and evaluate cyber risks before they evolve into full-fledged security incidents. When ...

4 Fundamentals That Make Your Vulnerability Management (VM) Program Less Effective

If you are a security practitioner, then you may have noticed that much of the security industry exists because of vulnerabilities. Regardless of what job position you occupy, vulnerabilities are oftentimes the ...
More than 1 in 4 have been breached

Unpatched Vulnerabilities Caused Breaches in 27% of Orgs, Finds Study

In May 2019, Verizon Enterprise released the 12th edition of its Data Breach Investigations Report (DBIR). Researchers analyzed a total of 41,686 security incidents, of which there were 2,013 data breaches, for ...

To Agent or Not to Agent: That Is the Vulnerability Management Question

With the evolution of technology comes new approaches to solving problems. Sometimes a new approach fixes the problem; sometimes it creates new ones. The good thing is as folks who work in ...

Is Your Vulnerability Management Program Efficient and Successful?

Be organized and efficient. It’s a simple rule of life that makes things run a whole lot smoother. This is something especially important when running your vulnerability management program. There are only ...