Mapped Known Exploitation Evidence from @vulncheck.bsky.social KEV to CWEs so you can see what are the most commonly exploited weaknesses...
vulncheck.com/blog/cwe-top...
#cybersecurity #infosec
19.12.2024 12:38 — 👍 3 🔁 0 💬 0 📌 0
What's it gonna take for this CVE to make it onto CISA KEV?
#cybersecurity #infosecurity #infosec
09.12.2024 19:13 — 👍 1 🔁 0 💬 0 📌 0
It's often observed that there's a significant delay between when a vulnerability has publicly known exploitation evidence and when it gets added to CISA KEV.
We published a Jupyter notebook so you can now visualize the gap: vulncheck.com/blog/compari...
#cybersecurity #infosec #infosecurity #cisa
05.12.2024 15:11 — 👍 1 🔁 0 💬 0 📌 0
What's cool about today's CISA KEV additions is seeing @albinolobster0.bsky.social's research contribution with the ProjectSend vulnerability being added. We already captured the other KEVs at @vulncheck.bsky.social
#cybersecurity #infosecurity #riskmanagement #vulnerabilitymanagement
03.12.2024 17:54 — 👍 0 🔁 0 💬 0 📌 0
The security industry went 6-days without a new Known Exploited Vulnerability which is the longest length of time this year.
So do you think it was the threat actors or security researchers that went on holiday?
ELSE: What did we miss? 😝
#cybersecurity #infosecurity #infosec
03.12.2024 14:24 — 👍 7 🔁 3 💬 0 📌 1
Finally took some time to dive into Cybersecurity and Infrastructure Security Agency's 2023 Top Routinely Exploited Vulnerabilities Report. We saw a lot of threat activity across the CVEs in the report...
vulncheck.com/blog/cisa-to...
#cybersecurity #infosec #infosecurity
23.11.2024 10:32 — 👍 2 🔁 0 💬 0 📌 0
☆ Cybersecurity reporter
★ Newsletters at Risky Business
#infosec #cybersecurity
https://risky.biz
Software Supply Chain Security
Mostly on Mastodon - VP of Security at Anchore - Open Source Security https://opensourcesecurity.io - Hacker History http://hackerhistory.com - He/Him
Security technologist, always curious, industry analyst and practice lead at Futurum, trying to do the best I can re:work/life balance, etc… Work: Interplay between cybersecurity and economics is my catnip. Non-work: family, friends, golf, volleyball.
Friendly AppSec Ghost 👻
https://appsecg.host
50% #FDT - 50% Finding Joy
Joy = cats, pastries, software development, sciences, good bagels, anime, computer games, mexican recipes, family, history, movies, superheros, fantasy novels, game design, puzzles, and cats.
And I vote for Woke.
CISO, author, likes to learn from hackers and others who are smarter than me or think differently. He/him. Also on wbjwilliams@infosec.exchange
Avalor (nowZS) former Salt Security, former Lightstep (acquired by SNOW) former Skyhigh Networks (acquired by McAfee) former Clearwell (acquired by Symantec) former Peribit (acquired by Juniper)
SOC Manager at Coop Norge | GCFE | GCFA | GPEN | BTL1 | Coin hoarder | Lethal Forensicator #DFIR
evaluator of the constant hum of the internet tube signals
vulncheck | dc801
Cybersecurity, Security Engineering, Attack Surface Reduction, Vulnerability Management. Lover of Star Wars, Captain America and Democracy.
@weaponplus@infosec.exchange
Engineering and security person for early-stage startups, be that CTO, CISO or equivalent; forever-GM for TTRPGs, occassional writer and gamedev.
he/him
Cybersecurity Economist @ ReturnOnSecurity.com
