Over 50 New CVE Numbering Authorities Announced in 2022
Dwelling › Vulnerabilities
Over 50 New CVE Numbering Authorities Introduced in 2022
By Eduard Kovacs on December 22, 2022
Tweet
Greater than 50 organizations have been added as a CVE Numbering Authority (CNA) in 2022, bringing the overall to 260 CNAs throughout 35 nations.
Most CNAs can assign CVE identifiers to vulnerabilities present in their very own merchandise, however some can even assign CVEs to flaws discovered by their researchers in third-party software program that isn’t in one other CNA’s scope.
SecurityWeek has carried out an evaluation of bulletins made by the CVE Program and located that 54 CNAs have been added in 2022, in comparison with 43 in 2021.
The 2022 checklist contains cybersecurity firms equivalent to Proofpoint, Bugcrowd, Qualys, CyberArk, Inexperienced Rocket Safety, Dragos, SailPoint, Senhasegura, NetRise, HYPR, and Netskope.
Main tech firms equivalent to Baidu, Canon, Google (open supply software program), Seagate, Unisoc, GE Healthcare, Philips, Medtronic, Baxter Healthcare, and Citrix are actually additionally CNAs.
Main industrial options suppliers equivalent to Normal Electrical (Gasoline Energy), Honeywell, and Rockwell Automation can now additionally assign CVEs to vulnerabilities.
There are additionally some nationwide organizations and nonprofits which have joined the checklist of CNAs, together with the Dutch Institute for Vulnerability Disclosure (DIVD), Automotive Safety Analysis Group, Slovakia’s Nationwide Cyber Safety Centre (SK-CERT), and the Nationwide Cyber Safety Centre within the Netherlands (NCSC-NL).
The checklist of recent CNAs additionally contains Docker, WolfSSL, Grafana Labs, Honor, Zowe, OneKey, KrakenD, Twin Vipers, Baicells, HashiCorp, OpenCloudOS, OpenNMS Group, Crestron Electronics, OpenHarmony, Full Providers, KNIME, OpenGauss Group, Hitachi and Hitachi Vantara, Hallo Welt, OpenAnolis, ZUSO Superior Analysis Crew, Go Venture, JetBrains, The Lacking Hyperlink Australia (TML), and the OpenBMC Venture.
Associated: Moussouris: U.S. Ought to Resist Urge to Match China Vuln Reporting Mandate
Associated: Over 28,000 Vulnerabilities Disclosed in 2021
Associated: Microsoft: China Flaw Disclosure Legislation A part of Zero-Day Exploit Surge
Associated: GitHub Introduces Personal Vulnerability Reporting for Public Repositories
Get the Every day Briefing
- Most Latest
- Most Learn
- Zerobot IoT Botnet Provides Extra Exploits, DDoS Capabilities
- 5 Methods TikTok Is Seen as Risk to US Nationwide Safety
- Over 50 New CVE Numbering Authorities Introduced in 2022
- France Seeks to Defend Hospitals After Collection of Cyberattacks
- FBI Recommends Advert Blockers as Cybercriminals Impersonate Manufacturers in Search Engine Adverts
- Researchers Hyperlink Royal Ransomware to Conti Group
- Okta Supply Code Stolen by Hackers
- Ransomware Assault Causes Disruption at British Newspaper The Guardian
- Firms Introduced Billions in US Authorities Cybersecurity Contracts in 2022
- France Fines Microsoft 60 Million Euros Over Promoting Cookies
In search of Malware in All of the Mistaken Locations?
First Step For The Web’s subsequent 25 years: Including Safety to the DNS
Tattle Story: What Your Laptop Says About You
Be in a Place to Act Via Cyber Situational Consciousness
Report Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant
2010, A Nice 12 months To Be a Scammer.
Do not Let DNS be Your Single Level of Failure
How you can Determine Malware in a Blink
Defining and Debating Cyber Warfare
The 5 A’s that Make Cybercrime so Engaging
How you can Defend Towards DDoS Assaults
Safety Budgets Not in Line with Threats
Anycast – Three Causes Why Your DNS Community Ought to Use It
The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering Organizations
Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise
