Security news aggregator

Latest coverage for Vulnerability

Vulnerabilities are flaws attackers can exploit to access systems or data; timely patching, isolation, and least privilege reduce the impact.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A vulnerability is a weakness in a system’s design, code, configuration, or operating process that could allow an attacker to violate a security requirement. It may affect software, hardware, networks, cloud services, or exposed interfaces, and is not automatically exploitable: practical risk depends on factors such as exposure, required privileges, available attack paths, and existing controls. Outcomes can include unauthorized access, information disclosure, code execution, or disruption of service.

Effective vulnerability management combines accurate asset inventory with code review, security testing, scanning, and trusted vulnerability intelligence. Organizations should prioritize weaknesses affecting reachable, business-critical systems—especially when exploitation is known or requires little access—then patch or otherwise mitigate them and verify the fix. Where patching is delayed, controls such as disabling an exposed feature, restricting network access, or strengthening authentication can reduce the attack surface. Records should preserve affected versions, risk decisions, remediation owners, and validation results.

Showing 4 most recent headlines Filtered view
Bank Info Security 2 years, 8 months ago

FTC Proposes New Cyber Disclosure Rule After Prison Hack

Federal Contractor Must Comply With New Reporting Measures Following Data BreachGlobal Tel*Link, a major telecommunications provider for state and federal prison systems, will be required to notify the FTC and consumers of future security incidents after a sweeping data breach left hundreds of thousands of its users vulnerable to identity theft and other privacy concerns.

Bank Info Security 2 years, 8 months ago

SonicWall Buys Solutions Granted to Offer MSPs More Services

Buying Master MSSP Will Bring MDR, SOC and Vulnerability Management to MSPs, MSSPsSonicWall acquired a longtime master MSSP partner to bring MDR, SOC and vulnerability management capabilities to its managed service providers. Buying Solutions Granted will help SonicWall detect and respond to endpoint or cloud-based threat activity on behalf of its MSP and MSSP partners.

Bank Info Security 2 years, 8 months ago

Google Says 4 Attack Campaigns Exploited Zimbra Zero-Day

Zimbra Patched the Cross-Site Scripting Vulnerability on July 25A zero-day flaw in the Zimbra Collaboration email server proved to be a bonanza for hackers as four distinct threat actors exploited the bug to steal email data and user credentials, says Google. Most of the exploit activity occurred after Zimbra had posted a hotfix on July 5.

Bank Info Security 2 years, 8 months ago

Vulcan Cyber Raises $34M to Safeguard Attack Path Management

Series B Extension Will Help Vulcan Cyber Go Beyond Legacy Vulnerability ManagementA breakthrough star in Forrester's latest vulnerability risk management rankings hauled in $34 million to expand into the cyber risk and attack path management markets. The Series B extension funding will allow Vulcan Cyber to go beyond legacy vulnerability management and take on ASPM.