Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Survey: Unstructured Data a Security Nightmare
New Ponemon Institute report finds organizations don't have a grip on access to data on file servers, network-attached storage
TV Guide/Comcast Joint Venture Gets NAC
GuideWorks adds mobile, visiting users to its network with TippingPoint appliance
Google, Microsoft Back Security & Privacy Framework for Online Health Data
The Common Framework for Networked Personal Health Information defines best practices for protecting patient data for online access
Microsoft, Novell, Oracle, PayPal, Others Launch New Digital ID Forum
Nonprofit Information Card Forum established to unite various industry efforts for building online information identities to replace the username/password model
Filling Out Forms: Still a Dangerous Game
Despite upgrades and fixes, most browsers are still vulnerable to attacks via Web forms, researcher says
New Worm Spawns More Than 8M Spam Messages
Fake news come-ons lead to infected porn site
ID Protection Startup Prepares Commercial Push
After completing identity theft study and numerous breach response engagements, Debix says it's good to go
Stolen Healthcare, Airline Credentials Found on Servers
Researchers at Finjan say cybercriminals are looking beyond stolen credit card accounts
GAO: There Ought to Be a Law
Government's ability to extract and manipulate personal data is too broad, watchdog agency says
Could a Smartphone Solve the Notebook Security Problem?
Maybe instead of looking at them as a new problem, we should consider smartphones as a potential security solution
Verizon Study Links External Hacks to Internal Mistakes
Most breaches come from outside the company, but they are often triggered by unfound errors on the inside
Cybercrime Outranks Other Crimes on Europeans' Worry List
Almost half of German PC users believe they will eventually fall victim
Mind-Reading: The Next Great Privacy Debate?
New MRI technology lets doctors see images in your mind - now there's a scary thought
New Virus Lets Attackers Hold Data for Ransom
Gpcode variant encrypts many file types with strong key; attackers ask for a bounty to decrypt
Gartner Details Real-Time 'Adaptive' Security Infrastructure
Future security model addresses arrival of multiple perimeters, mobile users
Army Hospital Breach May Be Result of P2P Leak
Data loss at Walter Reed exposed personal information on 1,000 soldiers
At Gartner Summit, Experts Question Security's Future
Analysts, sci-fi authors challenge security pros to rethink the status quo
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
