Security news aggregator

Latest coverage for Mitigation

Mitigation covers measures that reduce cybersecurity risk, limit damage from incidents, and help restore secure operations after an attack.

41 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Mitigation is the use of measures that reduce the likelihood or impact of a security threat. In information security, it commonly describes actions taken after a vulnerability, misconfiguration, or active attack is identified, as well as controls planned during system design. Mitigation may lower exposure without removing the underlying weakness; a software patch fixes a vulnerability, while disabling an affected feature or restricting access may provide temporary protection.

Effective mitigation connects vulnerability management with operational decisions: prioritize exposed, exploitable weaknesses on important assets; apply patches or configuration changes; and use compensating controls such as network segmentation, least-privilege access, multifactor authentication, or service isolation when a fix is unavailable. Threat intelligence can help assess exploitation urgency. Controls should be tested and monitored because they can fail or create new exposure. During an incident, containment actions—such as isolating a host or revoking credentials—are mitigations that limit spread while investigation and remediation proceed.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 41 Filtered view

Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.

Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.

CIARA V4.0 boosts compliance with security regulations and best practices while providing effective mitigation guidance. "CISOs are doing more with less, making it challenging to understand their current standing across the OT Cybersecurity landscape," said Ilan Barda, Radiflow CEO and co-founder.

Loading more headlines...