Common Vulnerabilities and Exposures

VulnCheck Adds Common Platform Enumeration (CPE) Data to its NVD++ Service to Improve Vulnerability Prioritization

Retrieved on: 
Monday, March 25, 2024
Technology, Security, Community, OS, National Vulnerability Database, NVD, Research, Software, NIST, CPE, JSON, API, Common Vulnerabilities and Exposures, Common Platform Enumeration, Government, CVE, Risk management

VulnCheck , the exploit intelligence company, today announced it is enhancing its Community Tier service, NVD++ , with Common Platform Enumeration (CPE) data currently missing from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD).

Key Points: 
  • VulnCheck , the exploit intelligence company, today announced it is enhancing its Community Tier service, NVD++ , with Common Platform Enumeration (CPE) data currently missing from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD).
  • By enriching NVD++ with CPE data, VulnCheck is helping solve an industry-wide issue, enabling defenders to identify vulnerable assets for newly published Common Vulnerabilities and Exposures (CVEs) in the NVD.
  • CPE data plays a crucial role in vulnerability management by providing a standardized method for identifying and documenting software applications, operating systems, and hardware components.
  • The source data VulnCheck used to produce “known vulnerable configurations” containing CPEs in NVD++ is the same used by NIST.

RapidFort’s Platform Now Available in Microsoft Azure Marketplace

Retrieved on: 
Tuesday, November 28, 2023
Professional Services, Data Management, Security, Data Analytics, Technology, Software, Networks, Common Vulnerabilities and Exposures, Microsoft, SASM, CVE, Azure, Video game, Online shopping

Customers now have access to the powerful -- Azure optimized -- features of the RapidFort platform to scan, monitor and harden workloads running in Microsoft Azure Kubernetes Services.

Key Points: 
  • Customers now have access to the powerful -- Azure optimized -- features of the RapidFort platform to scan, monitor and harden workloads running in Microsoft Azure Kubernetes Services.
  • RapidFort’s technology will be the first of its kind available on the Azure marketplace and can be fully deployed on the Azure stack within a customer account.
  • The complete integration of the platform into the Azure Marketplace greatly benefits regulated industries such as financial services and healthcare, as it will allow customers to leverage their existing certifications alongside the benefits of the RapidFort platform.
  • To find RapidFort on the Microsoft Azure Marketplace, please visit: https://azuremarketplace.microsoft.com/pt-br/marketplace/apps/rapidforti...
    To learn more about RapidFort, please visit: https://www.rapidfort.com/ .

PX5 Commits to Long-Term Value for ThreadX Developers with Spin-Off of RTOSX Subsidiary

Retrieved on: 
Tuesday, November 21, 2023
Other Manufacturing, Textiles, Steel, Packaging, Engineering, Chemicals, Plastics, Automotive Manufacturing, Aerospace, IOT (Internet of Things), VoIP, Manufacturing, Mobile, Wireless, Telecommunications, Software, Networks, Internet, Hardware, Electronic Design Automation, Data Management, Consumer Electronics, Technology, Semiconductor, Security, Satellite, Photography, Nanotechnology, Audio, Video, Eclipse, Acquisition, ThreadX, Service-level agreement, Internet of things, Common Vulnerabilities and Exposures, CVE, Filex Kiprotich, SLA, Common Vulnerability Scoring System, Eclipse Foundation, Service level, NetWare, Microsoft, Express, Logic, Video game

RTOSX will provide professional support, extended long-term maintenance, and engineering services to developers using the ThreadX embedded real-time operating system, and PX5 will remain the leading developer of the industry’s most advanced runtime solutions for deeply embedded applications.

Key Points: 
  • RTOSX will provide professional support, extended long-term maintenance, and engineering services to developers using the ThreadX embedded real-time operating system, and PX5 will remain the leading developer of the industry’s most advanced runtime solutions for deeply embedded applications.
  • Having decades of direct experience, RTOSX is uniquely positioned to help ThreadX developers and create the best of both worlds – free open-source software with professional support.
  • RTOSX offers fully ticketed professional support for ThreadX, including a Service Level Agreement (SLA) that typically results in same-day response and fast issue resolution.
  • This includes monitoring the ThreadX open-source community and proactively alerting developers if/when significant issues are reported, including Common Vulnerabilities and Exposures (CVE).

OTORIO Authorized as CVE Numbering Authority by Common Vulnerabilities and Exposures Program

Retrieved on: 
Wednesday, November 15, 2023
Catalog, Record, Organization, CNA, American Securities, CVE, Common Vulnerabilities and Exposures, Research, Partnership, Communication, Information technology, TEL, Medical device, Risk management

TEL AVIV, Israel, Nov. 15, 2023 /PRNewswire/ -- OTORIO, the leading provider of operational technology (OT) cyber and digital risk management solutions, today announced that it has been authorized as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE®) Program. This prestigious designation allows OTORIO to identify, define, and catalog publicly-disclosed cybersecurity vulnerabilities, contributing to the global effort to enhance cybersecurity awareness and strengthen digital defenses.

Key Points: 
  • TEL AVIV, Israel, Nov. 15, 2023 /PRNewswire/ -- OTORIO , the leading provider of operational technology (OT) cyber and digital risk management solutions, today announced that it has been authorized as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE®) Program .
  • The CVE Program is an international, community-driven initiative that relies on partnerships with organizations worldwide, including industry, academic, and government representatives, to discover, define and catalog cybersecurity vulnerabilities.
  • "Our authorization as a CVE Numbering Authority is a testament to our ongoing commitment to cybersecurity excellence," said Eran Jacob, Head of Research at OTORIO.
  • For more information about OTORIO's CVE Numbering Authority status and to access the latest advisories, please visit OTORIO's vulnerability disclosure webpage .

Red Hat Launches Next Versions of the World’s Leading Enterprise Linux Platform

Retrieved on: 
Wednesday, November 8, 2023
Internet, Data Management, Technology, Artificial Intelligence, Software, Linux, Red Hat Enterprise Linux, Red Hat, Inc. v. SCO Group, Inc., Units of information, Ansible, IDC, Organization, Research, Red, Growth, USS Charger (CVE-30), Running, Common Vulnerabilities and Exposures, Blog, Automation, Online shopping, Computer data storage, Red Hat, OS-level virtualization

Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 9.3 and the forthcoming availability of Red Hat Enterprise Linux 8.9.

Key Points: 
  • Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 9.3 and the forthcoming availability of Red Hat Enterprise Linux 8.9.
  • As with Red Hat Enterprise Linux releases before them, both Red Hat Enterprise Linux 9.3 and 8.9 natively include the capabilities of Podman , a daemonless tool for deploying, running, building and sharing Linux containers.
  • All Red Hat Enterprise Linux subscriptions, including Red Hat Enterprise Linux 9.3 and 8.9, include Red Hat Insights , a suite of hosted services that use Red Hat’s decades of experience in developing and managing Linux platforms at scale to proactively detect, analyze and mitigate potential system issues.
  • For users considering a migration to Red Hat Enterprise Linux, the convert2rhel tool now supports additional Red Hat Enterprise Linux-derived distributions, smoothing the transition to the world’s leading enterprise Linux platform.

Cohesity and Red Hat Enter Strategic Collaboration to Embed Red Hat Enterprise Linux into the Cohesity Data Cloud

Retrieved on: 
Tuesday, October 24, 2023
Internet, Security, Data Management, Technology, Software, Cloud, Linux, Intelligence, CentOS, Red Hat, Inc. v. SCO Group, Inc., Red Hat Enterprise Linux, Ebbs, Maintenance, Engineering, Red, Partnership, USS Charger (CVE-30), Common Vulnerabilities and Exposures, AI, Red Hat, IBM, Computer data storage, Risk management, Cohesity

Red Hat, Inc., the world's leading provider of open source solutions, and Cohesity, a leader in AI-powered data security and management, today announced that Cohesity has selected Red Hat Enterprise Linux as the foundational operating system of its Cohesity Data Cloud platform.

Key Points: 
  • Red Hat, Inc., the world's leading provider of open source solutions, and Cohesity, a leader in AI-powered data security and management, today announced that Cohesity has selected Red Hat Enterprise Linux as the foundational operating system of its Cohesity Data Cloud platform.
  • A streamlined and straightforward migration process, with Red Hat tools designed to help make the transition to Red Hat Enterprise Linux easier.
  • Cohesity has already begun its Linux migration journey by embedding Red Hat Enterprise Linux into the Cohesity Data Cloud platform, which should provide a smooth migration experience for customers.
  • With Red Hat Enterprise Linux, Cohesity will bring the strong capabilities of the world’s leading enterprise Linux platform to its customer base.

SoftIron Authorized as a CVE Numbering Authority (CNA)

Retrieved on: 
Wednesday, September 20, 2023
Dell, CVE, Information technology, AMD, Common Vulnerabilities and Exposures, CNA, ID, VMware, Organization, SAN, HP

SAN FRANCISCO, Sept. 20, 2023 (GLOBE NEWSWIRE) -- SoftIron , the worldwide leader in private cloud infrastructure, today announced that it has been authorized by the Common Vulnerability and Exposures (CVE®) Program as a CVE Numbering Authority (CNA).

Key Points: 
  • SAN FRANCISCO, Sept. 20, 2023 (GLOBE NEWSWIRE) -- SoftIron , the worldwide leader in private cloud infrastructure, today announced that it has been authorized by the Common Vulnerability and Exposures (CVE®) Program as a CVE Numbering Authority (CNA).
  • The CVE Program seeks to provide a common framework to identify, define, and catalog publicly disclosed cyber security vulnerabilities.
  • As each vulnerability is detected, reported, and assessed, a CVE ID is assigned and a CVE Record is created.
  • SoftIron joins authorized commercial entities such as VMWare, Dell, HP and AMD as a CNA.

Apple IT and Security Experts Gather for the 14th Annual Jamf Nation User Conference to Hear the Latest in Security and Device Management

Retrieved on: 
Tuesday, September 19, 2023
Cloud, Common Vulnerability Scoring System, IPhone, Partnership, SSO, UI, Education, Common Vulnerabilities and Exposures, Microsoft Windows, USS Guadalcanal (CVE-60), OS, Work, Virtual private network, AND, Microsoft, Apple Watch, Android, Privacy, IOS, Organization, MacOS, Access management, ZTNA, Student, Enrollment, Okta, IAM, IPadOS, MITRE, Mac, Environment, Conference, JAMF, Software, Mobile phone, Risk management, Video game, Medical device, Jamf, Apple

AUSTIN, Texas, Sept. 19, 2023 (GLOBE NEWSWIRE) -- Today, Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, kicked off its 14th annual Jamf Nation User Conference (JNUC) both virtually and in-person in Austin, Texas.

Key Points: 
  • AUSTIN, Texas, Sept. 19, 2023 (GLOBE NEWSWIRE) -- Today, Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, kicked off its 14th annual Jamf Nation User Conference (JNUC) both virtually and in-person in Austin, Texas.
  • It’s bringing together management, identity and security required to be successful with Apple at Work.
  • Earlier this year, Jamf Pro added support for Rapid Security Response updates to provide admins with complete visibility and control over important security updates.
  • Jamf announced its new AI-powered support bot that will serve Jamf Nation, the largest community of Apple admins in the world.

Open Mainframe Project Celebrates Major Technical Milestone with the 5-Year Anniversary of Zowe

Retrieved on: 
Thursday, August 10, 2023
Mainframe, Common Vulnerabilities and Exposures, BMC, IBM, CVE, Micro Focus, Open Mainframe Project, API, OS, Privacy, CNA, Architecture, Rocket Software, IntelliJ IDEA, GSE, SHARE, SAN, Zero trust security model, Shahr-e Zow, ZSS, Conformance, Z/OS, Broadcom Inc., Web application, CLI, Longevity, ZEBRA, SDK, Phoenix Technologies, Video game, Typesetting, Online shopping, Documentation, Mainframe computer

SAN FRANCISCO, Aug. 10, 2023 /PRNewswire/ -- The Open Mainframe Project, an open source initiative that enables collaboration across the mainframe community to develop shared tool sets and resources, announced today that Zowe will mark its 5-year anniversary this month. Zowe, an open source software framework for the mainframe that strengthens integration with modern enterprise applications, will celebrate the milestone by bringing the community together for Zowe Day at SHARE New Orleans on August 14.

Key Points: 
  • Zowe, an open source software framework for the mainframe that strengthens integration with modern enterprise applications, will celebrate the milestone by bringing the community together for Zowe Day at SHARE New Orleans on August 14.
  • Zowe, the integrated and extensible open source framework for z/OS, was announced at SHARE St. Louis 2018 with initial contributors Broadcom, IBM and Rocket Software.
  • Created 13 Projects that improve the learning ability, accessibility, and possibility of mainframe development including Zowe Application Framework, API Mediation Layer, Zowe CLI, Zowe Explorer, Zowe System Service (ZSS), Node.js Client SDK, Zowe IntelliJ Plugin, Zowe Kotlin Client SDK, Zowe Chat, ZEBRA, Zowe Python Client SDK, Zowe Swift Client SDK amd Zowe Java Client SDK.
  • Zowe will also be featured in several sessions at Open Mainframe Summit Las Vegas , co-located with IBM TechXchange on September 11, and Open Mainframe Summit New York , co-located with FINOS' Open Source in Financial Forum on November 1.

Protect AI Acquires huntr; Launches World’s First Artificial Intelligence and Machine Learning Bug Bounty Platform

Retrieved on: 
Tuesday, August 8, 2023
Data Management, Security, Technology, Other Technology, Software, Artificial Intelligence, Internet, Common Vulnerabilities and Exposures, Noise, Black hat, CVE, ML, Intelligence, Reward, BI, OSS, Research, CNA, Threat, Skynet, Trust, Acquisition, Machine learning, Risk, DEF, Big data, Artificial intelligence, Knowledge, AI, Environment, Medical device, Synopsys, Protection

Protect AI, the leading artificial intelligence (AI) and machine learning (ML) security company, today announced the launch of huntr, a groundbreaking AI/ML bug bounty platform focused exclusively on protecting AI/ML open-source software (OSS), foundational models, and ML Systems.

Key Points: 
  • Protect AI, the leading artificial intelligence (AI) and machine learning (ML) security company, today announced the launch of huntr, a groundbreaking AI/ML bug bounty platform focused exclusively on protecting AI/ML open-source software (OSS), foundational models, and ML Systems.
  • The launch of the huntr AI/ML bug bounty platform comes as a result of the acquisition of huntr.dev by Protect AI.
  • This success provides an opportunity for Protect AI to focus this platform on a critical and emerging need for AI/ML threat research.
  • “The vast artificial intelligence and machine learning supply chain is a leading area of risk for enterprises deploying AI capabilities.