Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Researcher: Vonage Vulnerable
Popular VOIP service could be subject to spoofing, eavesdropping, and denial of service, Sipera warns
Sprint Adds Laptop Security to Mobile Broadband
Wireless carrier is first to distribute Alcatel-Lucent's Laptop Guardian connection card
Is NAC Dying?
Frustrated with complexity and cost, many enterprises are retrenching their NAC strategies
Upstart Takes New Tack on Digital Signatures
TriCipher's new MySignatureBook enables multiple signers to authorize a single document electronically
Phishing's Future Scapegoats
If they don't act soon, frequently-phished companies may be held liable for crimes committed in their names
Wolves in IT Administrators' Clothing?
Enterprises, vendors move to safeguard their systems from rogue systems administrators
eBay, PayPal Phishing Exploits Plummet
Sophos says 21 percent of phishing emails target eBay and PayPal, down from 85 percent last year
Schwarzenegger Terminates CA Retail Data Security Law
Minnesota remains only state to outlaw retention of credit card data
Obstacles Nick NAC, But Growth Continues
Most companies are getting network access control, but cost and lack of integration still are pain points
IGN Locks Down Endpoints
IGN Entertainment uses technology from Bit9 to control what its end users can access - and what they can't
Former IT Admin Convicted of Sabotage
Disgruntled staffer faces 10 years in jail after destroying payroll and HR files at Pentastar
Experts: Security Flaws Vary on Social Networking Sites
Though often lumped together, MySpace, Facebook, and LinkedIn each have their own security weaknesses
FTC Comes Down Hard on Spammers
In separate cases, agency slaps complaints on defendants for identity trafficking, bogus product claims
Are Hackers Piggybacking on Your Wireless Modem?
UK wireless service provider warns 250,000 customers of modem flaw
Web Hack Exposes Personal Data of 14,000 At Nature Conservancy
Attacker accessed data via malware attached to association Website
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
