InfoSecBulletin Cybersecurity for mankind
MITRE, a non-profit organization that provides research and development in the areas of cybersecurity and information assurance, has released its list of the top 25 most dangerous software weaknesses. The list is based on data from the Common Vulnerabilities and Exposures (CVE) database, which is a repository of known security vulnerabilities.
The top 25 weaknesses are dangerous because they can be exploited by attackers to take control of systems, steal data, or cause denial-of-service attacks. They include weaknesses in input validation, authentication, and memory management.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
ALSO READ:
Ireland: Draconian law to make data protection procedures confidential
MITRE created the list by analyzing 43,996 CVE entries from NIST’s National Vulnerability Database (NVD) for vulnerabilities discovered and reported across 2021 and 2022. The list is updated annually to reflect the latest trends in software vulnerabilities.
To see the top 25 most dangerous software weaknesses CLICK her.
CISA, the Cybersecurity and Infrastructure Security Agency, encourages developers and product security response teams to review the CWE Top 25 and evaluate recommended mitigations to determine those most suitable to adopt.
MITRE also offers a list outlining the most dangerous programming, design, and architecture security flaws plaguing hardware systems.
The CWE program will be publishing a series of further articles on the CWE Top 25 methodology, vulnerability mapping trends, and other useful information that help illustrate how vulnerability management plays an important role in Shifting the Balance of Cybersecurity Risk.
