Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Large Businesses Wrestle With Web 2.0
New capabilities turn security policies and practices on end, panelists say
Software Lets Enterprises Encrypt, Restrict Use of CD/DVD Media
New technology from Lumension encrypts data on CDs, prevents reading and writing without network authorization
Webroot to Launch Enterprise Web Filtering Service
Content filtering will be marketed alongside email management service
Wireless Vulnerabilities Present Enterprise-Wide Threats, Expert Says
Wireless is the greatest threat to corporate networks since the emergence of the Internet, AirPatrol CEO says
'Long-Term' Phishing Attack Underway
New phishing exploit doesn't bother asking for passwords, and its stealthy malware hides out on victim's machine
Societe Generale Goat Gets IT Consulting Job
Man who singlehandedly cost financial services firm more than $7B is now giving advice
Exostar Set to Launch Federated Identity Service for Aerospace
Service vets and authenticates customers and trading partners for its members
Men More Likely Than Women to Fall for Internet Fraud
Guys lose $1.67 to every $1 lost by gals, ICCC says
Securing the Internet's DNS
Internet's .arpa, .org, and .uk domains soon to adopt DNSSEC
Companies May Be Held Liable for Deals With Terrorists, ID Thieves
New and little-known regulations could mean fines, or even jail time, for companies that do business with bad guys
eBay Turns Up the Heat on Fraudsters
Special cookies will help online marketplace separate legitimate sellers from identity thieves
New Tool Lets Enterprises Manage Security on Multiple Linux Servers
Trusted Computer Solutions readies software that can 'lock down' servers running Red Hat, CentOS, or Oracle Enterprise Linux
Server Theft Exposes Data on 700,000 Consumers
Break-in at debt collection company puts Indiana citizens' personal information at risk
2008 Could Be Record Year for Breaches
More than 8 million Americans' data has been exposed so far this year, first-quarter study says
Customers Ticked Off Over Breach Notification
Majority of customers have had their data exposed more than once, study says
Security, IT Operations, Compliance & Privacy Converge in Data Center
Formerly disconnected disciplines find themselves working together
Women Are Four Times More Likely to Give Up Passwords for Chocolate
But overall willingness to give up passwords has dropped sharply since 2007, study finds
Wireless Security Gets Boost From New Round of Products
Wireless isn't the problem child it used to be, but authentication and management still challenge enterprises
PayPal Outlines Strategy to Slow Phishing
Web's biggest phishing target published multi-layered plan to reduce delivery of fake emails and warn users of phishing sites
RSA: Hashing Out Encryption
Vendors at RSA 2008 rolled out tools that make encryption easier to use and manage
New York Hospital Worker Arrested for Stealing 50,000 Patient Records
Theft was discovered by police, not hospital IT staff
NAC Market Retrenches at RSA
Vendors try the appliance approach, scaling back from larger vision of enterprise-wide deployments with hundreds of end points
DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats
Homeland Security secretary Michael Chertoff says federal government and industry need to do more
Coviello: Security's a Drag on Business
RSA exec says more than 80% of businesses have shied away from innovation due to security concerns
Cisco, RSA Partner to Secure Data in Motion, at Rest
Partnership leverages data loss prevention framework unveiled by RSA last week
'Digital Trust Barometer' Is Falling
More than a fifth of users have already fallen victim to online fraud
KeyCorp Unlocks Method for Extending Single Sign-on
Financial services firm looks to stretch SSO to business partners
Next-Gen Crypto Method Will Help Secure Mobile Apps
Certicom will demo new Elliptic Curve Cryptography (ECC)-based mobile ticketing, RFID tag technologies at the RSA conference
Enterprise Networks Rife With Unauthorized Apps, Study Says
Employees use variety of tactics to circumvent IT policies and misuse the corporate network
RSA Takes Suite Approach to Data Leak Prevention
Next-gen technology can inspect data, classify it, and apply policies on how to secure it
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
