Security news aggregator

Latest coverage for Attack Surface Management

Attack Surface Management identifies exposed assets and weaknesses so defenders can reduce unknown entry points, prioritize fixes, and limit attacker access.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Attack Surface Management continuously identifies and monitors all digital assets an organization exposes to potential attackers, including internet-facing systems, cloud resources, APIs, employee devices, and third-party connections. This process reveals where vulnerabilities or misconfigurations might exist, which attackers could exploit to gain unauthorized access or move laterally within networks.

Maintaining an accurate, up-to-date inventory of assets enables targeted vulnerability scanning and prioritizes remediation efforts. It also uncovers shadow IT and forgotten resources that often lack security controls. Automated discovery and monitoring tools help sustain visibility over evolving attack surfaces, reducing the risk of exploitation through unknown or unmanaged entry points. This practice is essential for minimizing exposure and supporting effective defensive operations.

Showing 2 most recent headlines Filtered view

A first-of-its-kind security analysis of iOS Find My function has demonstrated a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's executed while an iPhone is "off." The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and ultra-wideband (UWB) continue to operate