Today, we look at risks endured due to an over-reliance on the NIST CVSS ranking system.  While it has its uses, it was not designed to be predictive of threats to vulnerabilities.

Guest post from Jaquar Harris, Director of Intelligence Services at Global Resilience Federation.

The year 2020 has changed what “going to work” entails for professionals with many employees..

Last week it was reported that two RCE vulnerabilities were found to be exposed on a DoD server.  These were apparently exposed for about a year.  

At the end of last week, ZD Net reported that the University of Utah paid $457,000 to malicious hackers who threatened to disclose university information following a ransomware attack...

CyRating® is a risk measurement representing the current real-world threat to a vulnerability. 

Patch What Matters: Strategic Partnership Brings Predictive Threat Intelligence to GRF Member Organizations 

Last week, on July 14, 2020, security researchers at BishopFox Labs (BFL) disclosed new vulnerabilities in the electronic health record (EHR) system LibreHealth EHR 2.0 that they had discovered in..

The Russian hacker group Cozy Bear or APT29 (aka the Dukes, Office Monkeys, CozyCar) is targeting organizations involved in COVID-19 vaccine research according to key government cyber..

There is growing, general dissatisfaction with Web Application Firewalls (WAFs) as highlighted in a recent study by Neustar and subsequent article by DarkReading.

For CISO’s responsible for a portfolio of companies – whether at a private equity firm, holding company, or even just a large firm with multiple business units, understanding cyber threats that..