Infosecurity Magazine

Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Latest news and features

#Infosec2025: Know Your Audience to Make an Impact, CISOs Tell Their Peers

News

#Infosec2025: Seven Steps to Building a Mature Vulnerability Management Program

News

At Infosecurity Europe 2025, Axonius’ Jon Ridyard proposed seven best practices to build mature vulnerability management processes

#Infosec2025: Concern Grows Over Agentic AI Security Risks

News

Agentic AI systems could threaten security and data privacy, unless organizations test each model and component

#Infosec2025: Majority of Compromises Caused by Stolen Credentials, No MFA

News

#Infosec2025: How Security Teams Can Make Sense of the Vulnerability Conundrum (video)

Interview

#Infosec2025: Defending Organizations From Rising Device Attacks with Rik Ferguson (video)

Interview

CISA Urged to Enrich KEV Catalog with More Contextual Data

News

ConnectWise Confirms Hack, “Very Small Number” of Customers Affected

News

Thousands of ASUS Routers Hijacked in Stealthy Backdoor Campaign

News

A threat actor has used ASUS routers’ legitimate features to create persistent backdoors that survive firmware updates and reboots

Ivanti Vulnerability Exploit Could Expose UK NHS Data

News

White papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Steps to Get Ahead of Insider Threats

White Paper

Financial Sector Quarterly Threat Landscape

White Paper

On-demand webinars

Podcasts

More news and features

US Government Launches Audit of NIST’s National Vulnerability Database

News

How Does EASM Go Beyond Vulnerability Management?

Blog

Chinese Hackers Exploit Cityworks Flaw to Target US Local Governments

News

NIST Introduces New Metric to Measure Likelihood of Vulnerability Exploits

News

The US National Institute of Standards and Technology (NIST) published a white paper introducing a new metric called Likely Exploited Vulnerabilities (LEV)

The True Value of Undersea Cable Security

Opinion

Critical Vulnerabilities Found in Versa Networks SD-WAN/SASE Platform

News

Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers

News

Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities

Healthcare Cyber-Attacks Intensify, Sector Now Prime Target

News

New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024

SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

News

New Linux Vulnerabilities Surge 967% in a Year

News

Blogs

How Does EASM Go Beyond Vulnerability Management?

Blog

Low Effort, High Reward: How Nailing Basic Cyber Hygiene Makes an Organization Stronger in the Age of the ‘Novel’ Attack Vector

Blog

Next-gen infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen