Sounil Yu at the MITRE ATT&CK Conference, holding up a life-size poster of the MITRE ATT&CK framework. Yu has contributed to cybersecurity models in his own right, having developed the Cyber Defense Matrix that was described by one tech leader as the “must-have playbook in modern information security programs.”
Keeping tabs on the vast constellation of vendors in the cybersecurity space, what they do and how they fit into your overall defense strategy can sometimes feel like trying to count the stars in the sky. Understanding this landscape has never been more critical for businesses today, which is why Sounil Yuâs Cyber Defense Matrix is so valuable.
Google patches yet another Chrome zero-day, tight-lipped about details Thursday, 22 April 2021 06:47 Google patches yet another Chrome zero-day, tight-lipped about details Featured Image by Clker-Free-Vector-Images from Pixabay
Search giant Google has been forced to patch yet another zero-day in its Chrome browser, the fourth this year, but the company has not provided any indicators of compromise or other details n its advisory.
In
an advisory dated 20 April (US time), the company merely said that the stable branch of Chrome had been updated for Windows, Mac and Linux. It said it was aware that exploits for this latest flaw were floating around the Internet.
iTWire Wednesday, 14 April 2021 05:55 Four more remotely exploitable bugs found in Microsoft Exchange Server Featured Image by Ron van den Berg from Pixabay
Microsoft has issued patches for four remotely-exploitable vulnerabilities in its Exchange Server product, a little more than a month after the company warned of
Two of the vulnerabilities were reported by the NSA, with the agency
saying in a tweet that it urges applying critical Microsoft patches released today, as exploitation of these #vulnerabilities could allow persistent access and control of enterprise networks .
NSA urges applying critical Microsoft patches released today, as exploitation of these #vulnerabilities could allow persistent access and control of enterprise networks.https://t.co/SYkqmjeM2h
Latest Articles freerepublic.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from freerepublic.com Daily Mail and Mail on Sunday newspapers.
The site played a crucial role in shaping the cybersecurity industry in its early, fledgling days.
Established by Scott Chasin on November 5, 1993, BugTraq provided the first centralized portal where security researchers could expose vulnerabilities after vendors refused to release patches.
The portal existed for many years in a legal gray zone. Discussions on the site about the legality of disclosing security flaws when vendors refused to patch are what shaped most of today s vulnerability disclosure guidelines, the axioms on which most bug hunters operate today.
Today, it sounds reasonable for a security researcher to release details about a patched or unpatched bug, but back then, such details were often controversial, sometimes resulting in many legal threats.