Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Romanian Man Pleads Guilty to ATM Skimming Scheme
Radu Bogdan Marin allegedly used stolen account details and fake ATM cards to withdraw tens of thousands of dollars.
The Business of Security: How your Organization Is Changing beneath You
And why it’s your job to change with it and ‘skate where the puck is headed.’
To Gain Influence, CISOs Must Get Security's Human Element Right
Focusing on certain elements of security in isolation can cause a false sense of security.
This Week On Dark Reading: Event Calendar
Ransomware remediation and recovery this week, with clouds on the horizon.
Cybercriminals Exploit March Madness Frenzy
Users are clicking on dubious links to stream matches and exposing confidential data to hackers, says Zscaler.
7 Steps to Transforming Yourself into a DevSecOps Rockstar
Security practitioners at one education software firm offer lessons learned from merging DevOps with security.
The True State of DevSecOps
Automation improving, but security needs to find ways to slide into DevOps workflow and toolchain.
Report: ‘OilRig' Attacks Expanding Across Industries, Geographies
Malware targets Middle Eastern airlines, government, financial industries and critical infrastructure with a simple but powerful backdoor created by infected Excel files attached to phishing emails.
Secrets of a Highly Productive CIO-CISO Relationship
The dynamic between CIOs and CISOs has evolved along with the technology. How can they ensure they're on the same page while driving value?
In Cyber, Who Do We Trust to Protect the Business?
If business leaders and directors continue to view cybersecurity as mainly a matter for the IT department, they will leave their companies exposed to significant risks.
Ethical Hacking: The Most Important Job No One Talks About
If your company doesn't have an ethical hacker on the security team, it's playing a one-sided game of defense against attackers.
Women Still Only 11% Of Global InfoSec Workforce
Career development and mentorship programs make women in cybersecurity feel more valued, increase women's success.
Security in the Age of Open Source
Dramatic changes in the use of open source software over the past decade demands major changes in security testing regimens today. Here's what you need to know and do about it.
Awareness Training Can Help Quell Ransomware Attacks
53 percent of organizations fall victim to ransomware, despite multiple technological defenses; but the right awareness training brings that infection rate down significantly, KnowBe4 study finds.
This Week On Dark Reading: Events Calendar
How to become a threat hunter, how to build a cybersecurity architecture that actually defends against today's risks, and much more...
Mobile (In)security: Dark Reading Cartoon Caption Contest Winners
Clever word play on mobile ransomware, cloud and the Internet of Things. And the winners are …
In Cybersecurity, 'Sales Engineers' Rake in Higher Salaries Than Tech Workers
Stop coding, start selling, and you could earn 50 percent more.
9 Phishing Lures that Could Hijack your 2017 Tax Refund
Scammers are taking an aggressive approach to tax season this year, packing attachments and links with banking Trojans, and fairly new strains of ransomware.
Is Mentorship the Key to Recruiting Women to Cybersecurity?
New ISACA survey identifies biggest barriers faced by women in tech, chief of which are a lack of mentors and female role models.
Yahoo CEO Punished for Data Breaches
Marissa Mayer will be denied her annual bonus of around $2 million and also forgoes annual stock award worth millions.
In Appreciation: Howard A. Schmidt
Former cybersecurity coordinator to President Obama, and renowned veteran of the security industry, passed away Thursday.
Trump Names New Head of Economic Council for Cybersecurity, Technology
Grace Koh will be special assistant to the President for technology, telecom, and cybersecurity.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
