Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Cloud Security Startup Armo Emerges from Stealth with $4.5M
Armo's platform was developed to protect cloud-native workloads and provide DevOps teams with greater visibility and control.
2020 Marked a Renaissance in DDoS Attacks
Amid the global pandemic, cybercriminals ramped up use of one of the oldest attack techniques around.
Microsoft Security Business Exceeds $10B in Revenue
Microsoft's security division has grown more than 40% year-over-year, the company reports alongside security product updates.
Security's Inevitable Shift to the Edge
As the edge becomes the place for DDoS mitigation, Web app security, and other controls, SASE is the management platform to handle them all.
Startup Offers Free Version of its 'Passwordless' Technology
Beyond Identity co-founders hope to move the needle in eliminating the need for passwords, but experts say killing passwords altogether won't be easy.
How to Better Secure Your Microsoft 365 Environment
Security experts offer Microsoft 365 security guidance as more attackers target enterprise cloud environments.
Cloud Jacking: The Bold New World of Enterprise Cybersecurity
Increased reliance on cloud computing puts more weight on robust authentication systems to protect data against hijackers.
SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics
Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.
'Chimera' Threat Group Abuses Microsoft & Google Cloud Services
Researchers detail a new threat group targeting cloud services to achieve goals aligning with Chinese interests.
Businesses Struggle with Cloud Availability as Attackers Take Aim
Researchers find organizations struggle with availability for cloud applications as government officials warn of cloud-focused cyberattacks.
NSA Recommends Using Only 'Designated' DNS Resolvers
Agency provides guidelines on securely deploying DNS over HTTPS, aka DoH.
Virtual Pen-Testing Competition Tasks College Students With Running a Red Team Operation
Aimed at developing offensive cyber talent, last weekend's sixth annual Collegiate Penetration Testing Competition brought out some of the brightest from RIT and Stanford, among other universities.
The Data-Centric Path to Zero Trust
Data is an organization's most valuable asset, so a data-centric approach would provide the best value for organizations, now and in the future.
Nissan Source Code Leaked via Misconfigured Git Server
Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.
6 Open Source Tools for Your Security Team
Open source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.
COVID-19's Acceleration of Cloud Migration & Identity-Centric Security
Here are some tips for updating access control methods that accommodate new remote working norms without sacrificing security.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
