Articles about vulnerabilities

So far this year, vulnerabilities have risen by 11 percent and the availability of publicly known exploits has increased by six percent.

The latest Cyber Threat Intelligence Index from Flashpoint reveals 17,518 newly disclosed vulnerabilities in the first half of the year. Also, over 45 percent of all vulnerabilities disclosed in H1 2024 are rated high to critical in CVSSv3.

Continue reading →

A new report from security testing platform Synack shows a rise in critical-severity vulnerabilities in 2023 compared to 2022.

On a positive note though, despite mounting pressures on security teams, organizations have reduced their mean time to remediation for critical-severity vulnerabilities by 24 days and high-severity vulnerabilities by 18 days, down to 56 and 74 days, respectively.

Continue reading →

macOS and iOS have showed an increased exploitation rate of seven percent and eight percent, respectively. Although macOS reduced its total vulnerability by 29 percent from 2023 to 2022, exploited vulnerabilities have increased by over 30 percent.

This is among the findings of the Software Vulnerability Ratings Report from Action1 Corporation which offers insights into vulnerability trends within commonly used enterprise software categories, focusing on exploitation rate and Remote Code Execution (RCE) vulnerabilities.

Continue reading →

Patching is something that we all know we have to do. But it is easier said than done. In reality, patching can be hard due to problems around application compatibility, having adequate downtime windows, or more pressing business risks to manage. This can lead to some very serious software problems being left open and vulnerable to exploitation.

Here are three examples of common software vulnerabilities that existed for years with updates available, yet are still regularly targeted by threat actors.

Continue reading →

According to new research 82 percent of companies report an increase in the gap between the number of vulnerabilities/exposures in their environment and their ability to remediate them.

The 2024 State of Security Posture Survey from XM Cyber is based on a survey of 300 CISOs and security decision-makers from large organizations in the US and UK, and shows 62 percent of security and IT teams actively engage in the remediation of exposures or vulnerabilities, handling an average of 12 per week.

Continue reading →