Security Boulevard

JUNE 2, 2023

The post 5G and Cybersecurity Risks in 2023 appeared first on Security Boulevard. Four years later, the number of people with 5G-enabled devices is still small in most countries. It’s uncertain if the reason behind the sluggish adoption is affordability, the lack of.

Risk 118

Risk Cybersecurity Telecommunications IoT 118

Penetration Testing

JANUARY 28, 2024

Identified as CVE-2023-6200, with a considerable CVSS score of 7.5, this flaw exposes a critical race condition within the handling of ICMPv6... The post Critical Alert: CVE-2023-6200 Exploits Linux Kernel with Code Execution Risk appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing Risk 111

Penetration Testing

JANUARY 24, 2024

Dubbed CVE-2023-49657, this stored cross-site scripting (XSS) vulnerability has... The post CVE-2023-49657: Apache Superset Hit by High-Risk Stored XSS Vulnerability appeared first on Penetration Testing.

Penetration Testing 109

Penetration Testing Risk Software 109

Penetration Testing

FEBRUARY 17, 2024

A recently disclosed vulnerability in Dell EMC Enterprise SONiC (CVE-2023-32484) could have profound consequences for your data center network security.

Penetration Testing 111

Penetration Testing Risk Network Security 111

CSO Magazine

MARCH 1, 2023

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. To read this article in full, please click here

Software 113

Software Risk 113

Security Boulevard

JULY 6, 2023

It’s been about six months since we released our top eight predictions for 2023, which covered everything from. Read More The post Has 2023 been the year of risk? The post Has 2023 been the year of risk? Updates on our 8 predictions appeared first on Hyperproof.

Risk 98

Risk CISO Government Cybersecurity 98

Heimadal Security

DECEMBER 18, 2023

An effective security strategy, therefore, needs to put managing risk at the heart of its approach. That’s where IT risk assessments […] The post How to Complete an IT Risk Assessment (2023) appeared first on Heimdal Security Blog.

Risk 81

Risk Cybersecurity 81

Krebs on Security

AUGUST 8, 2023

They were assigned a single placeholder designation of CVE-2023-36884. Satnam Narang , senior staff research engineer at Tenable, said the August patch batch addresses CVE-2023-36884 , which involves bypassing the Windows Search Security feature. out of a possible 10, even though Microsoft rates it as an important flaw, not critical.

Engineering 194

Engineering Accountability Passwords Software 194

Security Boulevard

MARCH 1, 2023

The post Top 10 Open Source Software Risks of 2023 appeared first on Security Boulevard. This problem has come into focus as more vulnerabilities present themselves and attacks on open source software ecosystems become more.

Software 115

Software Risk Mobile Malware 115

Penetration Testing

JANUARY 21, 2024

This library is cherished for its powerful capabilities... The post Pillow’s Critical Flaw: CVE-2023-50447 Exposes Python Projects to Risk appeared first on Penetration Testing.

Penetration Testing 99

Penetration Testing Risk 99

Penetration Testing

JANUARY 3, 2024

” plugin, a staple in over 300,000 WordPress sites, has been hit by a formidable security flaw, identified as CVE-2023-6600. With a CVSS score of... The post CVE-2023-6600: Over 300,000 Sites at Risk from OMGF Plugin XSS Flaw appeared first on Penetration Testing.

Penetration Testing 95

Penetration Testing Risk 95

The State of Security

AUGUST 2, 2022

Rising cybercrime affects everyone, but certain sectors are more at risk than others. In 2023, the auto industry could face particularly significant dangers. Reducing these risks will be crucial as more […]… Read More. Attacks in the automotive space can impact automakers, automotive fleets, and consumers alike.

Risk 104

Risk Cybercrime 104

Penetration Testing

JANUARY 25, 2024

This plugin, cherished for its ability to streamline the daunting task of... The post Over a Million Sites at Risk: Hackers are Exploiting CVE-2023-6933 Flaw in WordPress Plugin appeared first on Penetration Testing.

Penetration Testing 108

Penetration Testing Risk 108

Penetration Testing

NOVEMBER 13, 2023

These vulnerabilities could have allowed attackers to take control of affected systems... The post CVE-2023-5869: Unpatched PostgreSQL Servers at Risk of Arbitrary Code Execution Attacks appeared first on Penetration Testing. The PostgreSQL Global Development Group has released PostgreSQL 16.1,

Penetration Testing 96

Penetration Testing Risk 96

Security Boulevard

JUNE 7, 2023

As you know by now, the final version of the OWASP API Security Top-10 2023 has been released. At first blush, the final 2023 release seems to retain most of the changes in category naming, language and intent from the 2019 edition which we saw in the RC version. In this post, we are going [.]

Risk 69

Risk 69

Security Boulevard

FEBRUARY 17, 2023

in the FBI’s […] The post Threat Spotlight: Threat Intelligence & Geopolitical Risk in 2023 appeared first on Flare | Cyber Threat Intel | Digital Risk Protection. The post Threat Spotlight: Threat Intelligence & Geopolitical Risk in 2023 appeared first on Security Boulevard.

Risk 72

Risk Cyber threats 72

IT Security Guru

AUGUST 17, 2023

The 2023 Edition of the National Risk Register predicts that, in the next two years, there is a 5 to 25% chance that a devastating attack will target critical infrastructure and cause physical harm. Meanwhile, cyberattacks are getting more sophisticated, increasing the risk of threats such as supply chain attacks and ransomware.

Risk 98

Risk Healthcare Passwords Government 98

Veracode Security

SEPTEMBER 30, 2024

The latest, OWASP API Security Top 10 2023, gives our security and engineering teams a glimpse of attack vectors that are becoming more common. In the 2023 list, the categories in some cases are a bit broader… The OWASP Top Ten lists have been the cornerstone for application security best practices for over two decades.

Risk 52

Risk Architecture Technology Engineering 52

Tech Republic Security

MAY 15, 2023

A new report from Proofpoint provides global insight into CISOs' challenges, expectations and priorities for 2023. The post Survey: Most CISOs feel their business is at risk for cyberattack appeared first on TechRepublic.

CISO 190

CISO Risk Big data Ransomware 190

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. Intelligence and cybersecurity experts have different opinions on AI development.

Artificial Intelligence 144

Artificial Intelligence Technology Risk Hacking 144

SecureList

MAY 14, 2024

Incident response analyst report 2023 As an information security company, our services include incident response and investigation, and malware analysis. Our annual Incident Response Report presents anonymized statistics on the cyberattacks we investigated in 2023. This attack vector was among the three most frequently seen in 2023.

Ransomware 106

Ransomware Authentication Passwords Government 106

Heimadal Security

NOVEMBER 21, 2023

A cybersecurity risk assessment is a process organizations go through to identify, categorize, and respond to security risks. The goal is to get an understanding of your overall risk threshold, so you can identify strategies and policies to help reduce it.

Risk 52

Risk Cybersecurity Phishing 52

Security Boulevard

JULY 13, 2023

Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. Permalink The post BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty appeared first on Security Boulevard.

Education 75

Education Risk Architecture CISO 75

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. High-risk vulnerabilities can cause errors in applications and affect customers’ business. More than a third (39%) used the microservice architecture.

Passwords 119

Passwords Authentication Architecture Risk 119

Security Boulevard

JANUARY 8, 2024

January 9, 2024 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced that NSFOCUS has been named a Major Player in the IDC MarketScape: Worldwide Risk-Based Vulnerability Management Platforms 2023 Vendor Assessment (doc #US50302323, November 2023). SANTA CLARA, Calif.,

Risk 69

Risk Cyber Attacks 69

Tech Republic Security

DECEMBER 30, 2022

Does your company have a risk management strategy in place that addresses the possibility of a major supplier security failure? The post Don’t overlook supply chain security in your 2023 security plan appeared first on TechRepublic. Supply chain security concerns continue to grow.

Risk 157

Risk 157

Trend Micro

FEBRUARY 6, 2024

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.

Risk 108

Risk Cyber threats 108

SecureList

MAY 6, 2024

Amid the current threat landscape, Kaspersky has conducted a comprehensive analysis of the financial risks, pinpointing key trends and providing recommendations to effectively mitigate risks and enhance security posture. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million detections compared to 5.04

Phishing 112

Phishing Banking Mobile Scams 112

Security Affairs

SEPTEMBER 20, 2023

GitLab rolled out security patches to address a critical vulnerability, tracked as CVE-2023-5009, that can be exploited to run pipelines as another user. GitLab has released security patches to address a critical vulnerability, tracked as CVE-2023-5009 (CVSS score: 9.6), that allows an attacker to run pipelines as another user.

Hacking 133

Hacking Risk Information Security 133

Security Boulevard

DECEMBER 29, 2022

The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Hyperproof. The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Security Boulevard.

InfoSec 72

InfoSec Risk Cyber Attacks CISO 72

Security Boulevard

DECEMBER 15, 2023

Life comes at you fast, and that’s especially true for CISOs grappling with the many compliance risks in cybersecurity. From greater regulatory pressures and heightened privacy standards to increased personal liability, topped off with new rules for artificial intelligence — a lot happened in 2023.

Artificial Intelligence 111

Artificial Intelligence CISO Risk Cybersecurity 111

Security Boulevard

JULY 22, 2023

In early June 2023, OWASP released the final version of the OWASP API Security Top-10 list update. At that time we published a “hot take” on this final version and followed that up with an in-depth look at the new risk ratings for 2023. The post 2023 OWASP Top-10 Series: Introduction appeared first on Wallarm.

Risk 98

Risk 98

Security Boulevard

DECEMBER 11, 2023

The post The top cyber security news stories of 2023 appeared first on Click Armor. The post The top cyber security news stories of 2023 appeared first on Security Boulevard.

CISO 126

CISO Security Awareness Phishing Risk 126

Security Boulevard

DECEMBER 28, 2023

Transparency in vulnerability disclosure plays a crucial role in effective risk management, regardless of software development models. The The post 2023 Kubernetes vulnerability roundup appeared first on ARMO. The post 2023 Kubernetes vulnerability roundup appeared first on Security Boulevard.

Software 69

Software Risk 69

Security Boulevard

JUNE 1, 2023

The post Private APIs at Risk: Q1-2023 API ThreatStats™ Report appeared first on Wallarm. The post Private APIs at Risk: Q1-2023 API ThreatStats™ Report appeared first on Security Boulevard. And 90% of organizations use or are planning to use private APIs provided by partners – up from 68% in 2019.

Risk 52

Risk 52