Week 51 in Review: Zoom's VISS and a Surge in Zero-Days
A lot of writing this past week, but most of which won’t be published for the next few weeks, since my editors are caching articles for the coming vacation. So, I have two articles to post from the past week: One covering the differences of Zoom’s new Vulnerability Impact Scoring System, and another for README.security that is focused on the surge in 0-day vulnerabilities over the past year.
Will Putting a Dollar Value on Vulnerabilities Help Prioritize Them? | Dark Reading
Zoom’s Vulnerability Impact Scoring System calculates the impact of a vulnerability to assign a cash payout for bugs, leading hackers to prioritize more severe flaws. Can it do the same for companies? (18 December 2023)
Zero-days aren’t just for nation-states anymore | README.security
In 2023, attackers continue to wield more zero-day exploits against companies and individuals, using them for ransomware, surveillance and espionage. Will the number of zero-days climb further in the New Year? What can organizations do? (21 December 2023)