City & State New York

NYPD officer database had security flaws that could have let hackers covertly modify officer data

A database used to track NYPD officer profiles contained security flaws that would have allowed a skilled-enough hacker to add, remove or modify data entries and insert potentially malicious files ...
Dark Reading

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...
Nextgov

NIST’s vulnerability database logjam is still growing despite attempts to clear it

Get the latest federal technology news delivered to your inbox. Despite goals set last year by the National Institute of Standards and Technology to process a backlog of unanalyzed cybersecurity ...
Nextgov

NIST may not resolve vulnerability database backlog until early 2025, analysis shows

A leading U.S.-managed database of cybersecurity vulnerabilities has a processing backlog so extensive that, at current rates, it likely won’t be cleared up until early 2025, a new analysis shows. The ...
Dark Reading

Critical 'MongoBleed' Bug Under Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
American Banker

The cybersecurity database the government nearly defunded

For a few hours this week, the future of the Common Vulnerabilities and Exposures (CVE) Program — a database used by companies and governments to learn about new security holes in the software they ...
Krebs on Security

Funding Expires for Key Cyber Vulnerability Database

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally ...
ZDNet

Why the CVE database for tracking security flaws nearly went dark - and what happens next

Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry ...
Computer Weekly

Enisa launches European vulnerability database

The European Union Agency for Cybersecurity (Enisa) has debuted a European Union Vulnerability Database (EUVD) to provide “aggregated, reliable and actionable” information on newly disclosed cyber ...
CSOonline

New EU vulnerability database will complement CVE program, not compete with it, says ENISA

After the CVE’s program’s near-death experience in April, might the Europeans be looking for a more reliable long-term system? From this week, the global technology industry has a new database to ...
Bleeping Computer

Hacker defaces spyware app’s site, dumps database and source code

A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in the United States, and leaked over a dozen archives containing ...
AppleInsider

Global security vulnerability database gets 11 more months of funding [u]

After the U.S. government initially cut its funding of the CVE database, used to track security vulnerabilities in operating systems and software, CISA has said it will continue to be funded for ...