More than 600 new Internet security vulnerabilities were discovered during the first quarter of 2005, according to the SANS Institute and a team of experts from industry and government. The new report provides a quarterly update to the SANS Top 20 Internet Security Vulnerabilities list published annually in October. The most important vulnerabilities from Q1 2005 can be seen at the following link.
The past week, during Infosecurity Europe 2005, we met up with Gerhard Eschelbeck, CTO of Qualys, and got his comment on the latest news on the SANS Top 20 list. In the team behind this Quarterly Vulnerability Update, Mr. Eschelbeck is representing the vulnerability management expert community.
The audio session is 2:30 minutes long and is streamed in Flash format. If you can't see the controls below, download Flash here.
Posted on 22 October 2014. | A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.
Posted on 21 October 2014. | Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.
Posted on 15 October 2014. | Lynis unearths vulnerabilities, configuration errors, and provides tips for system hardening. It is written in shell script, installation is not required and can be performed with a privileged or non-privileged account.
Posted on 14 October 2014. | Enabling employees and contractors to bring their own devices to work has become a way of life for many organizations. Many understand that traditional perimeter security defenses are not effective at identifying attacks on mobile devices.