CVSS: Ubiquitous and Broken | Digital Threats: Research and Practice

The Common Vulnerability Scoring System is at the core of vulnerability management for systems of private corporations to highly classified government networks, allowing organizations to prioritize remediation in descending order of risk. With a lack of justification for its underlying formula, inconsistencies in its specification document, and no correlation to exploited vulnerabilities in the wild, it is unable to provide a meaningful metric for describing a vulnerability’s severity, let alone…

Read More

Previous articleDNS data exfiltration VIA cellular?Next articleHunting C2 with Shodan

Read more

Explore the site

More from the blog

Latest News