Security News

Kenna Security, the enterprise leader in risk-based vulnerability management, announces the Exploit Prediction Scoring System (EPSS), a free, open model that uses 16 variables to predict the...

Security updates released by Apple this week for iOS 13 and macOS Catalina 10.15 address roughly 40 vulnerabilities, including issues that affect both operating systems. read more

Two critical authentication-related vulnerabilities have been found in a chiller made by Germany-based Rittal for cooling IT applications. Rittal, a subsidiary of German manufacturing and services...

A chain of vulnerabilities in MikroTik routers could allow an attacker to gain a backdoor. The chain starts with DNS poisoning, goes on to downgrading the installed version of MikroTik's RouterOS...

Slack informed bug bounty hunters on Monday that it has increased the minimum rewards for serious vulnerabilities found in its products and websites. read more

Although the total number of IaaS cloud vulnerabilities is still small and the technology relatively young, volumes are increasing year-over-year at a steady rate, an expected to hit 50-percent...

Google has patched three more serious Chrome vulnerabilities that can be exploited to escape the web browser’s sandbox, and awarded the researcher who reported them a total of $50,000. read more

IoT/ICS networks and unmanaged devices are soft targets for adversaries, increasing the risk of costly downtime, catastrophic safety and environmental incidents, and theft of sensitive...

Denim Group, the leading independent application security firm, announced an integration with Snyk, the leader in developer-first open source security. This integration allows customers to find...

WordPress 5.2.4, which WordPress developers released this week, patches six vulnerabilities, including cross-site scripting (XSS), unauthorized access, server-side request forgery (SSRF), and...