When vulnerability management started out as a practice 15 years ago, the process was straightforward and simple in function. An IT admin would download non-commercial open-source tools for free, scan his environment for the few disclosed vulnerabilities, and mitigate them manually. The whole process would take months to complete, and that was still okay. Fast […]

Read More →

Organizations regularly face compliance audits that keep them up at night every quarter or year-end. To secure PII (personally identifiable information) of consumers and corporate data, various industries and governments have drawn up security benchmarks that mandate periodic risk assessment along with safe data handling and storage. Some common security benchmarks are HIPAA, ISO, NIST, […]

Read More →

Vulnerability management is hard to execute as a continuous process in the long run. In huge networks of organizations, the number of devices, software applications, and the vulnerabilities associated with them is multiplying rapidly. The complexity of devices and software are always growing. Organizations are put in a tough spot when conducting risk assessment and […]

Read More →

At SecPod, we always work towards delivering exceptional features to help you get the best out of our product. SanerNow 4.7.0.0 comes out with the most awaited Active directory integration along with several new enhancements and bug fixes. This release also includes enhancements on REST API. A glimpse into what’s new: To know more about […]

Read More →

Vulnerability management is a standardized process across most organizations. However, even organizations that follow periodic compliance audits and patch software vulnerabilities are hit by cyber-attacks. If attack surfaces are open despite following a documented vulnerability management process, the obvious problem to fix is the program’s effectiveness. Organizations should realize vulnerability management as more than an […]

Read More →

The scares of Halloween came very early this year in the form of COVID-19. Although organizations were eventually happy to keep their business operations running remotely, the shift was not that easy for IT teams. IT teams were tasked with the responsibilities of supporting the entire workforce with all the tools and devices they need. […]

Read More →

A new zero-day vulnerability in Oracle Solaris has been brought to light by the FireEye security research team, Mandiant. The vulnerability has been reported as being actively exploited. The sophisticated threat actor, known as UNC1945, has been known to be using the zero-day bug to break into corporate networks. The vulnerability, tracked as CVE-2020-14871, affects […]

Read More →

On October 20, 2020, the National Security Agency (NSA), a national-level intelligence agency of the United States Department of Defense, released a cybersecurity advisory highlighting 25 vulnerabilities in commonly-used software that are currently under active exploitation. They released the advisory following a series of attacks targeted in the USA. Here’s what happened In September, analysts […]

Read More →

Google Project Zero has disclosed details for a zero-day vulnerability CVE-2020-17087 found in the Windows operating system that is being currently exploited in the wild. Earlier Google had released a patch addressing a zero-day vulnerability (CVE-2020-15999) found in Chrome web browsers. The vulnerability allowed a remote attacker to exploit heap corruption by crafting a HTML […]

Read More →

Cyber-attacks are busting in from all directions. The biggest and most widespread attack was in 2017, called Wannacry. More than 230,000 computers were affected by the ransomware amounting to more than $4 billion in losses. This attack was due to an old SMB protocol enabled in Windows devices. Microsoft had released a patch 2 months […]

Read More →