Review: From Day Zero to Zero Day 2025-08-11 at 08:02 By Mirko Zorz From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about vulnerabilities and start finding them. It gives a methodical look at how real vulnerability research is done. About the author Eugene Lim […]
React to this headline:
Review: From Day Zero to Zero Day Read More »
New AI model offers faster, greener way for vulnerability detection 2025-07-31 at 08:33 By Mirko Zorz A team of researchers has developed a new AI model, called White-Basilisk, that detects software vulnerabilities more efficiently than much larger systems. The model’s release comes at a time when developers and security teams face mounting pressure to secure
React to this headline:
New AI model offers faster, greener way for vulnerability detection Read More »
Artemis: Open-source modular vulnerability scanner 2025-07-30 at 09:00 By Mirko Zorz Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned. “The most important feature of the tool is report generation. Besides scanning, it
React to this headline:
Artemis: Open-source modular vulnerability scanner Read More »
OWASP Nettacker: Open-source scanner for recon and vulnerability assessment 2025-06-11 at 09:01 By Mirko Zorz OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP community, Nettacker helps security pros automate common tasks like port scanning, service detection, and brute-force attacks. It
React to this headline:
OWASP Nettacker: Open-source scanner for recon and vulnerability assessment Read More »
NIST proposes new metric to gauge exploited vulnerabilities 2025-05-26 at 08:06 By Help Net Security NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and validate the method. The new metric, “Likely Exploited Vulnerabilities” (LEV), aims to close a
React to this headline:
NIST proposes new metric to gauge exploited vulnerabilities Read More »
Critical vulnerabilities persist in high-risk sectors 2024-11-15 at 06:38 By Help Net Security Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest vulnerabilities The report, which analyzes data from over 200,000 dynamic application security testing (DAST) scans conducted by Black Duck
React to this headline:
Critical vulnerabilities persist in high-risk sectors Read More »
NIST is chipping away at NVD backlog 2024-11-14 at 16:33 By Zeljka Zorz The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but has admitted that their initial estimate of when they would finish the job was “optimistic”. About the NVD The
React to this headline:
NIST is chipping away at NVD backlog Read More »
Nuclei: Open-source vulnerability scanner 2024-08-26 at 06:31 By Help Net Security Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false positives and enabling rapid
React to this headline:
Nuclei: Open-source vulnerability scanner Read More »
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware 2024-08-07 at 09:16 By Help Net Security Forescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components
React to this headline:
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware Read More »
NIST says NVD will be back on track by September 2024 2024-05-30 at 14:01 By Zeljka Zorz The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and Exposures (CVEs) for inclusion in the National Vulnerability Database (NVD), the agency has announced
React to this headline:
NIST says NVD will be back on track by September 2024 Read More »
CISA starts CVE “vulnrichment” program 2024-05-09 at 13:16 By Zeljka Zorz The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown. NVD is failing Since 1999, NVD analysts have been adding CVE-numbered vulnerabilities
React to this headline:
CISA starts CVE “vulnrichment” program Read More »
5 free vulnerability scanners you should check out 26/09/2023 at 08:02 By Help Net Security Vulnerability scanners delve into systems to uncover security gaps. The primary mission? To fortify organizations against breaches and shield sensitive data from exposure. Beyond merely pinpointing weaknesses, vulnerability scanning is a proactive measure to anticipate potential attacker entry points. The
React to this headline:
5 free vulnerability scanners you should check out Read More »
Enterprises persist with outdated authentication strategies 15/09/2023 at 07:33 By Help Net Security Despite authentication being a cornerstone of cybersecurity, risk mitigation strategies remain outdated, according to new research from Enzoic. With the attack surface expanding and the increasing sophistication of cyber threats, organizations are struggling to deliver secure and user-friendly authentication. The research uncovered
React to this headline:
Enterprises persist with outdated authentication strategies Read More »
A closer look at the new TSA oil and gas pipeline regulations 18/08/2023 at 06:02 By Help Net Security The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against cyber-attacks. In this Help Net Security video, Chris Warner, OT Senior
React to this headline:
A closer look at the new TSA oil and gas pipeline regulations Read More »
SCARF cipher sets new standards in protecting sensitive data 03/08/2023 at 06:31 By Help Net Security A group of international researchers has achieved a breakthrough in computer security by developing a new and highly efficient cipher for cache randomization. The innovative cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication
React to this headline:
SCARF cipher sets new standards in protecting sensitive data Read More »