Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Telcos at Risk of Web Bugs
Service providers face security learning curve as they roll out next-generation Web services
Retailers Still Lag in PCI Compliance
Despite recent data breaches, more than half still have not implemented guidelines for protecting credit card data
SCADA State of Denial
More bugs and security tools for process control industry - but it's more a mindset than a technology problem
Loan Companies Abusing Student Database
Financial companies accused of unauthorized mining of National Student Loan Data System
Electoral Subtext
Whether you're monitoring the voting process or the status of your most valued server, you better have a Plan B
Study: Browser Warnings Don't Work
Despite lock-and-key icons and pop-up alerts, banking users just keep on loggin' on, Harvard/MIT researchers say
10 Hot Security Startups
Want to know who's on the cutting edge of security technology? Take a look at these 10 newcomers
Feds Under Fire Over Security
Agencies get C- on security report card; FTC criticized for low number of spam, spyware convictions
Security Enforcement, The Cooperative Way
Aventail pushes envelope on cooperative policy enforcement, will add interfaces to SSL VPN gateways this year
RFID Under Attack Again
RFID hacking isn't rocket science, but the risk depends on proper use, deployment
Whirlpool Spins New Address Scheme
New DNS address management tools help appliance maker wash away previous security woes
Hacking Bluetooth With a USB Stick
European researchers have built a Bluetooth sniffer on a $30 USB dongle
Audit Uncovers IRS Security Flaws
Tax agency not doing enough to protect taxpayer data on laptops, PCs, according to Treasury report
Dude, Where's Your PC?
Audit exposes lost computers at counterintelligence agency, need for better inventory management
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
