Tech Center Security Management
Dark Reading's Security Management Tech Center is your destination for news and information surrounding the administrative and professional tasks that information security professionals must perform every day. Written for career security pros, The Security Management Tech Center is designed to provide insight on security career choices, staffing and budgetary issues, and day-to-day administrative tasks such as security reporting and architecture planning.
Rather than watching for communications between infected systems and command-and-control servers, companies can detect stealthy malware when it attempts to spread
ERPM’s newest version offers two interfaces that provide a programmatic option for identity management
New solution combines SIEM data with other critical security data
A group of Taiwanese researchers peer into the operations center of a group behind one large espionage campaign
With flaw tallies varying by up to 75 percent, vulnerability data needs to be taken with a grain of salt, yet reports based on the data fail to include caveats, Black Hat presenters say
- BeyondTrust Extends Vulnerability Management With Newest Version Of Retina CS
- Microsoft: SMB Cloud Security, Privacy Concerns A Matter Of Perception
- Is Risk-Based Security Management Art Or Science?
- Tech Insight: What You Need To Know To Be A Cyber Forensics Pro
- Gartner: Worldwide Security Market To Grow 8.7 Percent In 2013
By The Numbers
Information Security Salaries Split
Infosec managers saw their salaries rise, while staffers felt a slight dip in 2013.
Source: InformationWeek 2013 IT Salary Survey
Around the Web
Free Research and Reports
- BYOD into the Cloud: The Next Phase of Enterprise Mobility -
- Secure your mobile applications in the new commerce era - Mobile Commerce World - Mobile Commerce World
- Discover the opportunities and challenges associated with mobile retail - Mobile Commerce World - Mobile Commerce World
- Get practical information on how to develop your organization's mobile commerce application - Mobile Commerce World - Mobile Commerce World
- Explore best practices for marketers in the new mobile world - Mobile Commerce World - Mobile Commerce World
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Time To Set Up That Honeypot
Securing Cisco IP Telephony
Attribution Is Much More Than A Source IP
New CA Group Has Big Names, Small Impact
How To Build An IT Security Budget
5 Approaches To Decaffeinating Java Exploits
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 22.214.171.124, 5.3 before 126.96.36.199, and 5.4 through 188.8.131.52 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 184.108.40.206, 5.3 before 220.127.116.11, and 5.4 through 18.104.22.168 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.