Microsoft Confirms SQL Zero-Day Security Vulnerability—Here’s The Fix

Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.
Nextgov

NIST’s vulnerability database logjam is still growing despite attempts to clear it

Get the latest federal technology news delivered to your inbox. Despite goals set last year by the National Institute of Standards and Technology to process a backlog of unanalyzed cybersecurity ...

Armis Announces Armis Centrix™ for Vulnerability Management Detection and Response to Reduce Cyber Risk and Eliminate Operational Friction

Armis, the cyber exposure management & security company, today announced Armis Centrix™ for Vulnerability Management Detection and Response. The solution enables security teams to precisely identify ...
AppleInsider

Global security vulnerability database gets 11 more months of funding [u]

After the U.S. government initially cut its funding of the CVE database, used to track security vulnerabilities in operating systems and software, CISA has said it will continue to be funded for ...
CSOonline

New EU vulnerability database will complement CVE program, not compete with it, says ENISA

After the CVE’s program’s near-death experience in April, might the Europeans be looking for a more reliable long-term system? From this week, the global technology industry has a new database to ...
TechRepublic

European Vulnerability Database is Live: What This ‘Essential Tool’ Offers Security Experts

European Vulnerability Database is Live: What This ‘Essential Tool’ Offers Security Experts Your email has been sent The announcement comes after concerns that the US government would stop funding the ...
Infosecurity Magazine

Researchers Uncover ‘LeakyLooker’ Vulnerabilities in Google Looker Studio

A set of nine cross-tenant vulnerabilities in Google Looker Studio that could have enabled attackers to extract or manipulate ...
ZDNet

Why the CVE database for tracking security flaws nearly went dark - and what happens next

Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry ...
American Banker

The cybersecurity database the government nearly defunded

For a few hours this week, the future of the Common Vulnerabilities and Exposures (CVE) Program — a database used by companies and governments to learn about new security holes in the software they ...
Security Boulevard

Common ecommerce security vulnerabilities and testing strategies

Ecommerce platforms represent one of the most consistently targeted areas of the modern digital estate. They process payment ...
MacRumors

Security Database Used by Apple Goes Independent After Funding Cut [Updated]

Update: Following the CVE Foundation's announcement (below), CISA has said the U.S. government is extending funding to ensure no continuity issues with the critical Common Vulnerabilities and ...

LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability

LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell ...