Federal agencies have until Dec. 24 to apply fixes for Log4Shell vulnerability
DHS directives give departments 15 days to respond to critical vulnerabilities of this type.
DHS questions vulnerability disclosure program
Undiscovered vulnerabilities in agency information systems could be exploited by nation-states or hackers.
Report: Two Interior Department agencies riddled with IT vulnerabilities
Thousands of critical and high-risk vulnerabilities were identified on IT assets at the Bureau of Indian Affairs and Bureau of Indian Education, according to an inspector general report released to the public.
Google aims to fix XSS, make the web safer
Ninety-five percent of the one billion websites Google scanned recently were vulnerable to Cross-Site Scripting, or XSS, attacks, allowing hackers to load malicious code onto the computers of anyone who visited their page. This week the company issued tools to help web developers identify and mitigate XSS vulnerabilities.
Critical vulnerability discovered in MySQL application
A researcher has discovered a critical security flaw in the world's most widely used open-source database application — one that could allow hackers to completely take over a web server.
Former White House cyber director: Expect another Shadow Brokers incident
Another Shadow Brokers-like incident — in which unprecedented, older software vulnerabilities are indiscriminately posted online for everyone to see — should be expected in the “near future,” said former White House National Security Council Senior Director for Cybersecurity Ari Schwartz.