Federal agencies have until Dec. 24 to apply fixes for Log4Shell vulnerability

by • 5 months ago

DHS directives give departments 15 days to respond to critical vulnerabilities of this type.

DHS questions vulnerability disclosure program

by • 3 years ago

Undiscovered vulnerabilities in agency information systems could be exploited by nation-states or hackers.

Report: Two Interior Department agencies riddled with IT vulnerabilities

by • 5 years ago

Thousands of critical and high-risk vulnerabilities were identified on IT assets at the Bureau of Indian Affairs and Bureau of Indian Education, according to an inspector general report released to the public.

Google aims to fix XSS, make the web safer

by • 6 years ago

Ninety-five percent of the one billion websites Google scanned ​recently were vulnerable to Cross-Site Scripting, or XSS, attacks, allowing hackers to load malicious code onto the computers of anyone who visited their page. This week the company issued tools​ to help web developers identify and mitigate XSS vulnerabilities.

Critical vulnerability discovered in MySQL application

by • 6 years ago

A researcher has discovered a critical security flaw in the world's most widely used open-source database application — one that could allow hackers to completely take over a web server.

Former White House cyber director: Expect another Shadow Brokers incident

by • 6 years ago

Another Shadow Brokers-like incident — in which unprecedented, older software vulnerabilities are indiscriminately posted online for everyone to see — should be expected in the “near future,” said former White House National Security Council Senior Director for Cybersecurity Ari Schwartz.