Vulnerability Management is the cornerstone of information security programs. Cybersecurity practitioners leverage vulnerability management programs to identify, classify, prioritize, remediate, and mitigate vulnerabilities most often found in software and networks. Vulnerability assessments, while not mutually exclusive with vulnerability management, are generally part of a vulnerability management program in order to identify, quantify, and prioritize vulnerabilities in a system.

This blog was written by an independent guest blogger. Is your company at risk of a Denial of Service (DoS) attack? If so, which areas are particularly vulnerable? Think it’s a crazy question? Think again. In 2020, 16 DDoS attacks take place every minute. DoS attacks require fewer resources, and so pose an even greater threat. In this post, we’ll discuss what a DoS attack is and how it differs from a Distributed Denial of Service (DDoS) attack.

We love it when our teams and colleagues are sharing with us their personal projects and findings - this time, Android Apps Penetration Testing by our own Noy Pearl. If you are an android developer, pen-tester, researcher or just like most of us a security enthusiasts - this one is for you.

Digital fraudsters have seized upon coronavirus 2019 (COVID-19) as a lure for their new scams and attack campaigns. Together, these malicious operations constitute nothing short of a deluge. Barracuda revealed that it spotted 9,116 coronavirus-themed spear-phishing emails between March 1 and March 23, 2020—a 667% increase over the 1,188 attacks detected a month earlier. By comparison, the security firm spotted just 137 coronavirus-themed email campaigns in January.

At Redscan, we’ve set about shining light on some of these challenges by analysing how the crisis has affected online search behaviour in relation to cyber security and technology. The findings provide insight into how well-prepared businesses were for such an incident, the tools organisations are turning to support operations, and potential threats they are facing.

Chief information security officers (CISOs) face no shortage of challenges. Expanding attack surfaces and complex cloud security environments have given rise to new advanced threats. Compliance regulations have become more rigorous and punitive. And while digital transformation accelerates the pace of doing business, its impact is often limited by budget restrictions and security talent gaps. At Splunk we talk to hundreds of CISOs every year. Here's what they told us they care about in 2020.

As continuous software deployments grow and become the accepted standard, security measures gain even more importance. From development and all the way through to production, security requirements should be adopted by all teams in an organization. JFrog IDE integrations provide security and compliance intelligence to the developer right from within their IDE.

Why leveraging live environment simulations and putting ICS tools to the test is the best way to evaluate their fitness. Track and field was one of my favorite sports growing up. I didn’t begin competitively participating until I was a teenager, but I was instantly hooked once I started. Why? Because the clock didn’t lie. The tape measure didn’t lie. The fastest time always won, and the longest throw always won. I like to think of ICS security tools in a similar way.

Cybercriminals are taking advantage of the fear and uncertainty surrounding the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch COVID-19 related attack campaigns. The bad guys are moving full-steam ahead in their efforts to lure victims by playing on their fears.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. In these strange times certain platforms have gained increased popularity, Zoom being one appears to have attracted a lot of attention and not just from it’s users. Both sides of infosec have taken a bite. The news appears to be changing rapidly as Zoom react and deal with it. What is really true about the claims?