The number of reported vulnerabilities of a product is sometimes cited as a measure of its relative security. In this article, we will dispel the notion that the count of Common Vulnerabilities and Exposures (CVEs) is a useful indicator of the security of products. Rather, CVEs simply serve to catalog security vulnerabilities and provide the needed [...]
Researchers Daniele Antonioli from SUTD, Singapore, Dr. Nils Ole Tippenhauer, CISPA, Germany and Prof. Kasper Rasmussen, University of Oxford, England have identified a vulnerability that affects Bluetooth devices, specifically Bluetooth BR/EDR Bluetooth Core specification versions 1.0 through 5.1. This vulnerability has been identified as: CVE-2019-9506. The researchers are presenting their findings at the USINEX Security [...]
At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk. This is when the Cisco Product Security Incident Response Team (PSIRT) was born. Our team and the security vulnerability process has evolved to meet customer [...]
The Industry Consortium for Advancement of Security on the Internet (ICASI) welcomes new members Honeywell International and BlackBerry Limited into the consortium. In this increasingly connected ecosystem, industry leaders are banding together to better coordinate vulnerability response, promote security response best practices, and be an active partner with security researchers to make the Internet more [...]