in Articles minutes

Week 50 in Review: LinkedIn scams target Middle East, and an introduction to CVSS 4.0

I had two articles published this week, one over at Dark Reading covering the relative improvement in LinkedIn scams targeting the Middle East and another for Synack’s covering the release of CVSS 4.0.

CVSS 4.0 is shaking up vulnerability management. Here’s what’s changed |

CVSS 4.0 urges companies to go beyond base scores, allowing them to more accurately judge the threat posed by particular vulnerabilities based on threat intelligence and environmental factors. (14 December 2023)

Convincing LinkedIn ‘Profiles’ Target Saudi Workers for Information Leakage | Dark Reading

Social engineering attacks in the Kingdom collect information on professionals — and offer fake profiles for sale. (11 December 2023)