Vulnerability Assessment

Risk management news.

Rigging the Whack-a-Vulnerability Game in Your Favor

Vulnerability management is often compared to a game of Whack-a-Mole, with new vulnerabilities constantly popping up and no end in sight. What if there was a way to rig this Whack-a-Vulnerability game in your favor? Whack-a-Mole: “A situation in which repeated efforts to resolve a problem are frustrated by the

Log4j Repos: An Unprecedented Event on GitHub

The Log4j vulnerability is the topic on everyone’s lips, and GitHub is no exception. At 223 repos and counting, threat actors don’t need to look far to find the exploits they need. CVE-2021-44228, also known as Log4Shell, is a remote code execution vulnerability in the Apache Log4j library.

Shopping Seasons and Scamming Sites

Cybercriminals prepare long in advance for the holiday season - but they won’t need any wrapping paper for what they have in store. ‘Tis the season for phishing, and you’d better watch out. Wouldn’t it be nice if threat actors could give us a break for the

Forrester TEI: Cybersixgill can deliver 311% ROI, enabling enterprises to scale dark web threat intelligence while closing the knowledge gaps

A recent Total Economic Impact (TEI) study conducted by independent consulting firm Forrester has affirmed: organizations employing Cybersixgill products experienced benefits of almost $1.57, and a 311% return on investment. Effective cybersecurity programs are becoming more reliant on threat intelligence sourced from the deep and dark web. Understanding the return

The Apache Avalanche: Log4j2 Zero-Day Vulnerability

The Log4j2 zero-day vulnerability lit up the internet like an overachieving neighbor decorating their house for Christmas. Within days of its discovery, CVE-2021-44228 catapulted to the top of the CVE board, scoring the dreaded 10/10 CVSS rating. Apache Log4j2 is an open-source logging framework integrated into many Java-based applications

CVE Publishing - a Double-Edged Sword?

CVE (Common Vulnerabilities and Exposures) is a list of publicly known cybersecurity vulnerabilities and exposures. Its purpose is to facilitate the sharing of data and to alert users of required actions to mitigate potential threats in the cyber world. Although the practice of alerting the public with new CVEs is

The Vulnerability of the Health Care Industry to Cyber Attacks

Similar to other verticals, the health care industry is vulnerable to cyberattacks that can cause tremendous damage, both to the medical organizations themselves and to their patients. The Medicare Case and stolen cards details Just looking at the after-effects of the recent Medicare breach in Australia and other recent data