It seems like new vulnerabilities enter the mainstream every day. With the recent Log4Shell bug attracting significant attention as one of the worst vulnerabilities known to cybersecurity, many businesses are scrambling to understand their exposure and how the cybersecurity industry is responding. One way to understand these vulnerabilities is to look at security databases and classifications. Two of the most widespread frameworks for classifying and ranking vulnerabilities are the Common Vulnerabilities Exposures and Common Vulnerability Scoring Systems.

Read More

The recent uncovering of the Log4Shell bug, tied to the ubiquitous log4j module, has swept through private and public organizations reliant on IT logging technology. A relatively simple bug, the implications of its widespread use means that remediation will be a long, complex endeavor. While the potential millions of implementations wait for updates, however, the complex infrastructure of national IT is vulnerable to attack. 

Read more about this bug and its potential threat to organizations across the world. 

Read More

For decades, the golden rule for web security was simple: don’t download and execute files on your computer. Ignore attachments from unknown sources, refrain from opening PDFs or Word documents with macros, and avoid getting software from any source other than the creator. Firefox is taking the next step by creating new sandboxing technology that could have a big impact on securing user workstations. 

But times change, and now even websites can infect your computer with malware or separate you from your personal account information. This threat has become a problem that browsers like Firefox are now implementing security measures to protect users against these threats. 

Needless to say, malicious software is always a threat to businesses large and small. Because of this fact, secure browsers utilizing technologies like sandbox security may become a critical part of low-level compliance for the foreseeable future.

Read More