Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
CSRF Bug Runs Rampant
Vulnerabilty found in Check Point, various firewalls, UTM appliances, routers, storage systems, and other devices managed with Web interfaces
Killing That 'Man in the Browser'
TriCipher to unveil transaction security tool today
Hacking Truckers
Researchers discover that the contents of a truck's haul are wide open to hackers via RFID
'You're Now Free to Move About the Company'
American Airlines pilots discover major vulnerability in company's intranet
People, Not Passwords, Are the Problem
UK government study says end users still don't know how to protect their passwords online
PatchLink Buys SecureWave
Deal merges endpoint security with patch management, vulnerability assessment
Stonesoft Seeks to Open Up VPNs
New SSL VPN products don't discriminate against mobile devices, non-employees
Server Room Follies
In which pizza and soda are shown to be more powerful than a crowbar for breaking and entering
A New Approach to Database Security
Startup Sentrigo prepares to launch Hedgehog, a new tool that works at the cache memory level
Eight Vulnerabilities You May Have Missed
With all the security vulnerabilities in the news, here's a look at some dangers that few are talking about
Survey: 1 in 4 WLANs Unsecured
RSA survey finds more WLANs, but not much security
Authentication Goes USB Route
TriCipher to debut smart drive-based, multi-factor authentication for $2 to $3 per user
Pfizer Falls Victim to P2P Hack
Attackers access personal information on 17,000 employees via laptop vulnerability
Architect's Many Identities
Dale Olds, creator of Novell's eDirectory, talks open-source ID, tuba photography, and how not to configure your home firewall
Attackers Break Into UVA Database
Personal data on nearly 6,000 former and current faculty members at the University of Virginia was compromised
P2P's Unintended Leaks
Or, how file-hungry music and video fans might download business-sensitive data
Security's Soft Underbelly
Many companies secure the walls, but databases remain the soft, chewy center
EMC Secures Verid
Vendor continues its security spending tear, picking up authentication specialist Verid
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
