Common Vulnerability Scoring System stories

Nearly one-third of CVE entries are unverified, revealing flaws in how organisations assess software security risks and reliance on CVSS scores.

Tenable’s AI-enhanced Vulnerability Priority Rating sharply narrows focus to 1.6% of business-critical risks, boosting real-time threat detection and faster remediation.

Tenable enhances its Vulnerability Priority Rating with AI, reducing critical cybersecurity threats focus to 1.6% for faster, smarter remediation.

Azul’s Intelligence Cloud now cuts Java security false positives by up to 99%, using runtime data to boost vulnerability detection accuracy for DevOps teams.

Azul has launched a Java vulnerability tool that cuts false positives by up to 99%, improving threat detection accuracy for production environments.

Picus Security launches Exposure Validation, a tool using real-time attack simulations to identify which vulnerabilities are truly exploitable in organisations.

Datadog reveals updated DevSecOps report showing Java’s vulnerabilities and announces Metaplane acquisition to boost data observability and AI monitoring.

Microsoft's recent Patch Tuesday sparked scrutiny with a 40-minute delay in updates and notable vulnerabilities, including a critical zero-day in the CLFS Driver.

As digital transformation heightens cyber-physical connectivity, organisations must adopt effective exposure management strategies to safeguard critical systems.

Revenera launches OSS Inspector for IntelliJ IDEA, helping developers identify open source software risks directly in their IDE, ensuring secure, compliant code.

Tenable unveils new features in Tenable Nessus, enhancing risk prioritisation with EPSS and CVSS v4 for improved vulnerability management and compliance.

A report from CPS protection company, Claroty, reveals that 38% of high-risk cyber-physical systems are overlooked by traditional security practices, increasing vulnerability to cyber attacks.

Zoom unveils Vulnerability Impact Scoring System (VISS), an open-source method set to revolutionise online security. .

SBOMs will be key to dealing with the next big vulnerability and incredibly useful in the fight to minimise the effects of smaller weaknesses.

Trellix has expanded its Threat Intelligence portfolio, partnering with Intel 471 to provide underground malware insights to customers.

Rather than talking in terms of attack vectors and vulnerabilities, CISOs and security decision-makers must look at actual business risk.

BeyondTrust's 2022 Microsoft Vulnerabilities Report reveals that Elevation of Privilege is the top vulnerability category for the second year running.

A new report has identified a 7.6 per cent increase in the number of vulnerabilities tied to ransomware in Q1 2022.

Exploits of MS Exchange and password guessing are the most common cyber intrusion methods, says ESET's T3 2021 Threat Report.

The latest ESET Threat Report reveals key insights into external attack vectors, email threats, and the impact of cryptocurrency exchange rates.