Lucene search
K

868 matches found

hivepro
hivepro
added 2025/11/13 6:6 p.m.3 views

5 Exposure Management Best Practices for Your Team

Let's be honest: the traditional approach to vulnerability management is broken. Your team is likely drowning in a sea of alerts, staring at scan reports thousands of lines long, and struggling to figure out what to fix first. This constant state of reactive fire-fighting is exhausting and, worse...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/12 11:55 a.m.3 views

[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR

Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you're always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/12 11:7 a.m.7 views

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making ...

7.2AI score
Exploits0
hivepro
hivepro
added 2025/11/10 4:58 p.m.4 views

9 Key Areas to Monitor for Potential Security Threats

The old "castle-and-moat" approach to security is a thing of the past. Your organization's perimeter is no longer a single, defensible line; it's a distributed and porous collection of remote employees, cloud services, and third-party vendors. Every connection is a potential entry point, and your...

7.3AI score
Exploits0
hivepro
hivepro
added 2025/11/04 7:35 p.m.4 views

What Is Attack Surface Mapping And Why It’s Critical To your Security Program

You might think an attack surface mapper is just another name for a vulnerability scanner, but they serve two very different purposes. A scanner tests the assets you already know about for specific weaknesses. An attack surface mapper answers a more fundamental question: What assets do I even hav...

7.1AI score
Exploits0
Wiz blog
Wiz blog
added 2025/11/03 1:36 p.m.42 views

Introducing Wiz ASM: Context-Driven Attack Surface Management

Wiz launches Attack Surface Scanner to bring context, ownership, and prioritization to every exposure, anywhere...

6.9AI score
Exploits0
hivepro
hivepro
added 2025/11/03 7:20 a.m.5 views

What Are Attack Surface Intelligence Exposures?

Do you know every single digital asset your organization owns? For most security leaders, the honest answer is no. Between shadow IT, forgotten development servers, and complex cloud environments, your true attack surface is full of blind spots. These unknown and unmanaged assets are where...

6.9AI score
Exploits0
CVE
CVE
added 2025/11/03 12:0 a.m.9 views

CVE-2025-60892

The CVE-2025-60892 issue affects Raspberry Pi Imager for Windows (1.9.6) where the OS customization feature’s public-key authentication setting unintentionally re-adds a local id_rsa.pub to the Pi’s authorized_keys file, even after users delete it in the UI. This creates an unintended attack surf...

6.8CVSS6.2AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.8 views

CVE-2025-34135

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

5.1CVSS6.7AI score0.00325EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/10/31 8:46 a.m.8 views

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency CISA and National Security Agency NSA, along with international partners from Australia and Canada, have released guidance to harden on-premise Microsoft Exchange Server instances from potential exploitation. "By restricting administrative...

9.8CVSS9.8AI score0.99962EPSS
Exploits24
NVD
NVD
added 2025/10/30 10:15 p.m.5 views

CVE-2025-34135

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

5.1CVSS0.00325EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/30 9:39 p.m.3 views

CVE-2025-34135 Nagios XI < 2024R1.4.2 Overly Permissive Permissions on Systemd Unit Files

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

5.1CVSS6.3AI score0.00325EPSS
Exploits0References3
CVE
CVE
added 2025/10/30 9:39 p.m.16 views

CVE-2025-34135

Nagios XI prior to 2024R1.4.2 is affected by overly permissive permissions on systemd unit files, notably nagios.service having executable permissions not required. This could broaden local attack surface. Affected versions should be updated to 2024R1.4.2 or later; monitoring advisories also note...

5.1CVSS6.3AI score0.00325EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2, which stems from overly lax...

5.1CVSS6.1AI score0.00325EPSS
Exploits0References3
hivepro
hivepro
added 2025/10/29 9:21 p.m.3 views

Attack Surface Exposures: A Practical Guide

Many security teams believe their existing tools have them fully covered. With a firewall, endpoint protection, and a vulnerability scanner, it’s easy to assume you can see everything that matters. This is one of the most dangerous myths in cybersecurity today. These tools often operate in silos,...

7AI score
Exploits0
hivepro
hivepro
added 2025/10/28 5:33 p.m.3 views

A Practical Guide to Attack Surface Intelligence Mapping

Think of your organization’s digital presence as a sprawling, ever-expanding city. New buildings servers go up, old ones are forgotten, and unofficial shortcuts shadow IT appear overnight. Trying to defend this city without a current map is impossible. You’re left reacting to alarms instead of...

7AI score
Exploits0
hivepro
hivepro
added 2025/10/27 5:20 p.m.4 views

Cloud Attack Surface Management Mapping 101

Before an attacker launches an assault, they do their homework. Their first step is to meticulously map your digital footprint, searching for the path of least resistance—an exposed database, an unpatched server, or a forgotten subdomain. The reality is that your attack surface is already being...

6.9AI score
Exploits0
hivepro
hivepro
added 2025/10/23 7:47 p.m.6 views

Mapping Attack Surface for Enterprises: A 5-Step Guide

An attacker doesn’t see your company the way you do. They don’t see departments, projects, or business units. They see a collection of potential entry points—a web of digital assets they can probe for a single weakness. Their goal is to find the one unlocked door you forgot about. This is why...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987544)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987544 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will...

5.5CVSS6AI score0.0021EPSS
Exploits0References4
hivepro
hivepro
added 2025/10/20 5:2 p.m.5 views

What Is a Platform for Continuous Exposure Assessment?

You can’t protect what you don’t know you have. In an environment of sprawling cloud instances, remote endpoints, and shadow IT, gaining a complete and accurate picture of your attack surface is a massive challenge. Periodic scans only provide a snapshot in time, missing assets that spin up and...

7AI score
Exploits0
Rows per page
Query Builder