Over 6,000 SmarterMail servers exposed to automated hijacking attacks

Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerable to attacks exploiting a critical authentication bypass vulnerability.

NIST is rethinking its role in analyzing software vulnerabilities

As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.
Infosecurity Magazine

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

A new service, the Global Cybersecurity Vulnerability Enumeration (GCVE), offers an alternative to the US-led CVE ...
Cybernews

EU alternative to US-led CVE vulnerability database is now live

The EU has launched a new alternative to the US-led CVE vulnerability database, offering European security teams a decentralized backup amid funding and continuity concerns.
CU Boulder News & Events

PREP Graduate Research Assistant Position at NIST in the High-Speed Waveform Metrology Group under the RF Technology Division (PREP0003979)

This position is part of the National Institute of Standards and Technology’s (NIST) Professional Research Experience Program (PREP). NIST recognizes that its research staff may wish to collaborate ...
HHS

ENISA Is Now a CVE Program Root

The European Union Agency for Cybersecurity is poised to take on a greater role in coordinating vulnerability disclosures across the trading bloc with its elevation as a "Root"-level participant in ...
Dark Reading

Can a Global, Decentralized System Save CVE Data?

The current challenges with tracking vulnerabilities, enriching reported data in a timely manner, and maintaining the collection of information calls for a revamping of the Common Vulnerabilities and ...
Morningstar

Tanium Joins Common Vulnerabilities and Exposures (CVE™) Program as a CVE Numbering Authority

Tanium, a leader in Autonomous Endpoint Management (AEM), announced today it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). As a CNA, Tanium will publicly document and ...
CPO Magazine

CISA Outlines Future Vision for CVE Program With Plans for Funding and Improved Vulnerability Prioritization

A new strategic roadmap from CISA may calm some nerves as regards the future of its widely-used CVE program, as the organization has indicated it has plans for funding beyond the program’s current ...
Homeland Security Today

CISA Presents Vision for the Common Vulnerabilities and Exposures (CVE) Program

The Cybersecurity and Infrastructure Security Agency (CISA) has released CISA Strategic Focus: CVE Quality for a Cyber Secure Future. The detailed roadmap identifies priorities that will elevate the ...
SecurityWeek

CISA: CVE Program to Focus on Vulnerability Data Quality

CISA says it is time for the CVE Program to focus on improving trust, responsiveness, and the caliber of vulnerability data. The US cybersecurity agency CISA believes that expanded partnerships, ...
JD Supra

FDA’s New Priority Voucher Program for Drug Developers Ties Incentives to Defined National Interests

The US Food and Drug Administration recently announced the launch of a regulatory incentive program pilot program, the Commissioner’s National Priority Voucher Program (CNPVP), designed to reward drug ...