Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Cybersecurity User Training That Sticks: 3 Steps
People are eager for common-sense advice that gives them control over their environment and helps them stay safe online.
WindTalker Attack Finds New Vulnerabilities in Wi-Fi Networks
White hat researchers show how hackers read keystrokes to potentially compromise cellphone and tablet users on public Wi-Fi and home networks.
Cyber Monday, Consumers & The Bottom Line Of A Data Breach
Yes retailers can achieve ROI for their investments in cybersecurity during the upcoming holiday season - and for the rest of the year, too! Here’s how.
Thinking Ahead: Cybersecurity In The Trump Era
In a panel held by the University of California Berkeley Center for Long-Term Cybersecurity and Bipartisan Policy Center, experts discuss challenges facing the incoming presidential administration.
China's Jinping Opens Tech Meet With Calls For 'Fair & Equitable' Internet
The third Wuzhen World Internet Conference had a strong presence of US tech companies despite criticism of China’s Internet laws.
Teenager Admits To TalkTalk Hack
A 17-year-old boy exploited flaws in ISP’s web pages to steal confidential data of 150,000 customers.
As Deadline Looms, 35 Percent Of Web Sites Still Rely On SHA-1
Over 60 million web sites are relying on a hashing algorithm that will be blocked by major browsers starting Jan 1.
NIST Releases Version of Cybersecurity Framework for Small Businesses
Researchers offer a step-by-step approach for covering the basics of cybersecurity.
Insider Threat: The Domestic Cyber Terrorist
It is dangerously naive for business and government leaders to dismiss the risk of radicalized privileged users inside our critical industries.
8 Public Sources Holding 'Private' Information
Personal information used for nefarious purposes can be found all over the web – from genealogy sites to public records and social media.
Adobe To Pay $1 Million Compensation In Data Breach Case
Personal data of more than 500,000 consumers from 15 states were stolen in the 2013 breach of Adobe server.
The 7 Most Significant Government Data Breaches
Mega compromises at federal and state agencies over the past three years has compromised everything from personal data on millions to national security secrets.
Shoppers Up Their Online Security Game, Survey Says
While they check SSL certificates and liability policies more often, many remain wary of biometric authentication, Computop reports
Stay Vigilant To The Evolving Threat Of Social Engineering
Even the most cyber-savvy individuals can easily get tripped up by a social engineering attack. But users can trip-up a threat simply by paying attention.
Is Fingerprint Authentication Making The Password Problem Worse?
Problems emerge when users switch to a new phone.
Election 2016 & WikiLeaks: Bad, But Not Your Worst Nightmare
John Podesta may be the poster child for poor user security practices but the real problem is rigid regulatory compliance frameworks that perpetuate ineffective perimeter defenses.
7 Reasons Consumers Don’t Take Action on Cybersecurity
Security awareness is high but it’s hard to turn personal knowledge into effective practices.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
