We constantly report on the latest developments in threat exposure management
Dec 29, 2024
In this blog, we reflect on vulnerability data from 2024 to argue that effective vulnerability prioritization cannot rely solely on severity ratings - organizations patching critical vulnerabilities immediately, while scheduling others for the next patch cycle. We contend that an effective prioritization strategy must incorporate additional …
Dec 28, 2024
32% of ransomware attacks start with an unpatched vulnerability, and these have the greatest business impact. In our weekly ”Top 5 Hacker-Relevant Vulnerabilities" series, we report on vulnerabilities that are particularly pertinent to threat actors. As part of this ongoing effort, we will provide quarterly recaps on selected threat actors, …
Dec 10, 2024
Germany’s cybersecurity landscape constantly evolves, with various Advanced Persistent Threat (APT) groups consistently testing the country’s defenses. This blog utilizes data from the Federal Office for Information Security (BSI), Malware Information Sharing Platform Galaxy (MISP Galaxy), and MITRE Adversarial Tactics, Techniques, and …
Dec 2, 2024
The rapid development of quantum computing presents a clear danger to widely used security algorithms. Future quantum computers will be capable of breaking these algorithms, potentially exposing sensitive data to cybercriminals. Even now, attackers may be collecting encrypted data, intending to decrypt it once quantum capabilities mature. This …
Nov 12, 2024
In cybersecurity, national vulnerability databases are pivotal in cataloging and assessing software vulnerabilities. Two prominent databases are the U.S. National Vulnerability Database (NVD) and China’s National Vulnerability Database (CNNVD). Current industry practices often recommend utilizing Common Vulnerability Scoring System (CVSS) …
Sep 16, 2024
CISA (the U.S. Cybersecurity and Infrastructure Security Agency) maintains a list of known exploited vulnerabilities, currently encompassing 1162 vulnerabilities. For each of these, CISA has evidence of active exploitation by threat actors. Among these, 741 vulnerabilities can be exploited without requiring user interaction. Prompt response to …
Dec 29, 2024
Beyond Severity: Rethinking Vulnerability Prioritization
ENTRYZERO
In this blog, we reflect on vulnerability data from 2024 to argue that effective vulnerability prioritization cannot rely solely on severity ratings - organizations patching critical vulnerabilities immediately, while scheduling others for the next …
Dec 28, 2024
Quarterly Briefing: Threat Actor Using Unpatched Vulnerabilities
ENTRYZERO
32% of ransomware attacks start with an unpatched vulnerability, and these have the greatest business impact. In our weekly ”Top 5 Hacker-Relevant Vulnerabilities" series, we report on vulnerabilities that are particularly pertinent to threat …
Dec 10, 2024
Shadows at the Gates: Understanding Germany’s Threat Landscape
ENTRYZERO
Germany’s cybersecurity landscape constantly evolves, with various Advanced Persistent Threat (APT) groups consistently testing the country’s defenses. This blog utilizes data from the Federal Office for Information Security (BSI), …
Dec 2, 2024
Quantum Safety in Internet Exposure: What You Need to Know?
ENTRYZERO
The rapid development of quantum computing presents a clear danger to widely used security algorithms. Future quantum computers will be capable of breaking these algorithms, potentially exposing sensitive data to cybercriminals. Even now, attackers …
Nov 12, 2024
Uncovering the Differences: U.S. vs. China Vulnerability Databases
ENTRYZERO
In cybersecurity, national vulnerability databases are pivotal in cataloging and assessing software vulnerabilities. Two prominent databases are the U.S. National Vulnerability Database (NVD) and China’s National Vulnerability Database (CNNVD). …
Sep 16, 2024
Nessus, Qualys, Nuclei, GitHub: Optimizing Vulnerability Response!
ENTRYZERO
CISA (the U.S. Cybersecurity and Infrastructure Security Agency) maintains a list of known exploited vulnerabilities, currently encompassing 1162 vulnerabilities. For each of these, CISA has evidence of active exploitation by threat actors. Among …
All Rights Reserved by ENTRYZERO GmbH
Website by Sanico Software
IMPRINT: ENTRYZERO GmbH, Technologiezentrum Ruhr, Konrad-Zuse-Straße 18, 44801 Bochum, Registered Office: Bochum, Registration Court: Local Court Bochum, Registration number: HRB 21709, VAT ID: DE369315057, Managing Directors: Dr. Mohamad Sbeiti, Samet Gökbayrak, Tel.: +49 234 94426026, Email: info@entryzero.ai
PRIVACY POLICY: This website does not collect any personal data. We do not use cookies, trackers, forms or similar technologies. However, by visiting our website you agree that for every site request the following non-personal information is stored on the webserver for statistical, intrusion detection/prevention and troubleshooting purposes: requested address (URL), request date and time, client IP address, user-agent and referer. No information is given to or shared with third parties
