vulnerability disclosure Archives

Rep. Nancy Mace, R-S.C., listens as FEMA Administrator Deanne Criswell testifies during a House Oversight Committee Hearing at the Rayburn House Office Building on Nov. 19, 2024 in Washington, D.C. (Photo by Kevin Dietsch/Getty Images)

Bill requiring federal contractors to have vulnerability disclosure policies gets House redo

Reps. Nancy Mace and Shontel Brown reintroduced VDP legislation after the 2024 bipartisan, bicameral bill didn’t get a full Senate vote.

Jan 31, 2025 By Matt Bracken

Sen. Mark Warner, D-Va., speaks during a press conference in Washington, D.C., on March 20, 2018. From left, Sens. John Cornyn, James Lankford, Susan Collins and Richard Burr listen. (NICHOLAS KAMM/AFP via Getty Images)

Vulnerability disclosure policy bill for federal contractors clears Senate panel

The Homeland Security and Governmental Affairs Committee on Wednesday also advanced legislation to strengthen the federal IT supply chain.

Nov 20, 2024 By Matt Bracken

Screen of smartphone with icons. (Getty Images)

Android warns of Qualcomm exploit in latest security bulletin

The November security bulletin includes two CVE's reportedly exploited in the wild.

Nov 4, 2024 By Christian Vasquez

Close-up server detail with KVM switches. (Getty Images)

Printer bug sends researchers into uproar, affects major Linux distros

The vulns would allow attackers to run any commands on targeted computers without user knowledge. But it would take a lot of work to get to that…

Sep 26, 2024 By Christian Vasquez

Oil pipeline with valves in large oil refinery. (Getty Images)

Automatic tank gauge vendors alerted of software vulnerabilities in their products

If exploited, the vulnerabilities could give hackers full administrative access to critical networks found in the management systems for large fuel storage.

Sep 24, 2024 By Christian Vasquez

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

Here’s what Microsoft fixed in September’s Patch Tuesday

The tech giant's regular vulnerability list includes new vulnerabilities for Windows Updater and Installer.

Sep 10, 2024 By Christian Vasquez

Vulnerability disclosure policies eyed for federal contractors in Senate bill

The legislation from Sens. Warner and Lankford would require federal contractors to adhere to NIST’s guidelines on VDPs.

Aug 13, 2024 By Matt Bracken

Aisle with messy cables in a server room. (Getty Images)

Six-year old bug will likely live forever in Lenovo, Intel products

A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.

Apr 11, 2024 By Christian Vasquez

A digitally generated image of yellow data server discs organized into circular pattern is seen against on beige background. (Andriy Onufriyenko via GettyImages)

Plan to resuscitate beleaguered vulnerability database draws criticism

The National Vulnerability Database has ceased some of its work, but some experts fear the formation of a consortium to address its problems lacks sufficient urgency.

Mar 28, 2024 By Tim Starks

Glowing computer monitor in row of monitors. (Getty Images)

LogoFAIL vulnerabilities impact vast majority of devices

Nearly all commercially available computers are vulnerable to a flaw in the process used to display a logo upon start-up.

Dec 7, 2023 By Christian Vasquez