Security news that informs and inspires

Archive

60 results for tag Vulnerability:

What IT Needs to Know About Foreshadow

Foreshadow/L1TF refer to a group of vulnerabilities that can be exploited in modern Intel chips using speculative execution attacks to bypass security protections and harvest sensitive information.

Vulnerability, Hardware, Spectre

Expect More Spectre, Meltdown Variants Until Updated Chips Arrive

After Meltdown and Spectre, many researchers warned that increased scrutiny on side-channel meant more attacks will be found, so the discovery of "Variant 4" is not a surprise. More variants will be found as chip makers update their designs over the next few years to fix the issues.

Hardware, Security Processor, Vulnerability

Predict Which Security Flaws Will be Exploited, Patch Those Bugs

How do enterprises figure out which security flaws to fix first? Research shows common vulnerability management and remediation strategies are no better than random guesses. Trying to predict which flaws will be exploited and fixing those is a better use of the security teams's time.

Vulnerability, Patch

AMD Releases Spectre Mitigations

AMD has released mitigations for the Spectre vulnerability that affects some of its processors.

Vulnerability

GitHub Alerts Help Fix Bugs in Ruby, JavaScript Code

When GitHub unveiled its Security Alerts scanning feature last November, it was betting that if project owners knew which software components they were using had vulnerabilities, they would update them with patched versions. GitHub said that by Dec. 1, 450,000 vulnerabilities had been resolved, either by removing the dependency entirely or swapping out with a more recent, patched version. That's a little over 10 percent of the vulnerabilities addressed, right off the bat.

App Security, Vulnerability, Software Security