Critical Vulnerabilities Discovered in South Korean ActiveX controls

computer code on laptop screen

Many years ago, ActiveX was a popular technology. Unfortunately, too many ActiveX controls had a very low code maturity and were riddled with basic vulnerabilities like buffer overflows, or exposed unsafe functionality even if marked as “safe for scripting”. These allowed malicious websites to trivially compromise users’ systems. Today, ActiveX technology is considered obsolete and […]

Vulnerabilities disclosed during the first three months of 2019 reach a Q1 all-time high

RICHMOND, VA, May 16, 2019 — Risk Based Security today released the Q1 2019 Vulnerability QuickView Report. There were 5,501 vulnerabilities aggregated by Risk Based Security’s VulnDB that were disclosed during the first three months of 2019. This represents a 1% increase over the same period in 2018, making this Q1 an all-time high. CVSSv2 […]

Risk Based Security Wins 2019 Emerging Technology Business Award

Photo of Jake Kouns, CISO and co-founder of Risk Based Security, accepting the Emerging Technology award at the RVAtech Gala

RICHMOND, VA, May 10, 2019 — Risk Based Security, a global leader in vulnerability intelligence and risk ratings, has been honored as the 2019 winner in the Emerging Technology Business category at the annual RVAtech award gala. The Emerging Technology Business award is given to organizations with high growth potential who are establishing themselves as […]

Over 1,900 breaches reported in the first three months of 2019, a new Q1 record

RICHMOND, VA, May 7, 2019 — Risk Based Security today announced the release of its Q1 2019 Data Breach QuickView Report, which found that there were 1,903 publicly disclosed data compromise events in the first three months of the year, exposing over 1.9 billion records. No other first quarter has seen this level of activity, […]

From 4,000 to 40,000 Data Breaches: People are Still the Problem

CRA data breach statistics - May 2019

On May 2, 2019, we hit a data breach milestone. The Cyber Risk Analytics research team added the 40,000th breach entry to our ever expanding data breach database. Coming hot on the heels of the 200,000th vulnerability added to VulnDB, it can be tempting to think much of the breach activity taking place over the […]

Risk Based Security Announces New Integration with Recorded Future for Intelligence-Driven Vulnerability Management

Provides richer, more actionable vulnerability intelligence to improve risk mitigation RICHMOND, VA, May 1, 2019 — Risk Based Security, Inc., a provider of detailed information and analysis on Vulnerability Intelligence, Data Breaches, and Vendor Risk Ratings, today announced a new partnership with Recorded Future, the leading threat intelligence company, to help joint customers more effectively […]

Vulnerability Fixes That Make You Go Hmm…

things that make you go hmmm...

The VulnDB research team processes a large number of vulnerability reports, exploits, and vendor advisories on a daily basis. Each report is scrutinized, classified and added to the VulnDB vulnerability database. They are enriched with important details like affected versions, requirements for exploitation, and sometimes even identifying incorrect fixes. The lack of available detail in […]

Risk Based Security Named Finalist For 2018 Richmond Technology Award

The Richmond Technology Council, central Virginia’s catalyst for technology, recently held its 23rd Annual Technology Awards Meet the Finalists Reception, announcing and honoring the finalists in each award category. The nominees include several local organizations and individuals that are actively helping advance central Virginia’s technology-based economy. Risk Based Security was nominated for the Innovation in Technology Builder Award […]

What You Don’t Know About The Vulnerability Ecosystem Can Lead To A Data Breach

I started working in vulnerability intelligence and running vulnerability databases more than 15 years ago. Recently, I paused to reflect on some of the changes to how vulnerabilities are being reported today versus at the beginning of my career. These changes greatly impact how I believe that organizations must deal with vulnerabilities reported in the […]

Risk Based Security Appoints Sven Krewitt To VulnDB Research Team

RICHMOND, VA, January 30, 2017 — Risk Based Security, Inc. today announced that it has appointed Mr. Sven Krewitt as a Senior Vulnerability Researcher. The appointment of Mr. Krewitt, a very talented and experienced vulnerability analyst, signals the company’s continued expansion of its vulnerability research team and dedication to providing the highest quality and most […]