Today, we look at risks endured due to an over-reliance on the NIST CVSS ranking system.  While it has its uses, it was not designed to be predictive of threats to vulnerabilities.

Last week it was reported that two RCE vulnerabilities were found to be exposed on a DoD server.  These were apparently exposed for about a year.  

At the end of last week, ZD Net reported that the University of Utah paid $457,000 to malicious hackers who threatened to disclose university information following a ransomware attack...

Last week, on July 14, 2020, security researchers at BishopFox Labs (BFL) disclosed new vulnerabilities in the electronic health record (EHR) system LibreHealth EHR 2.0 that they had discovered in..

There is growing, general dissatisfaction with Web Application Firewalls (WAFs) as highlighted in a recent study by Neustar and subsequent article by DarkReading.

For CISO’s responsible for a portfolio of companies – whether at a private equity firm, holding company, or even just a large firm with multiple business units, understanding cyber threats that..

Last year, I had the good fortune to sit down and talk with Ed Amoroso, CEO of TAG Cyber, a top-notch cybersecurity research firm. 

Ever since we started CYR3CON, we are continually surprised at the hype cycle surrounding the application of machine learning.

Today’s video discusses the basics on vulnerability prioritization.  In it we discuss how mounting vulnerability disclosures – which averaged over 1,000 per month last year lead to a difficult..

CYR3CON CEO discusses AI and cybersecurity with former AT&T CISO Ed Amoroso, who now leads TAG Cyber.  Learn more about how AI can be properly leveraged in cybersecurity.