Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
RSA Denies Trading Security For NSA Payout
EMC security subsidiary accused of accepting $10 million from the NSA to purposefully use encryption for which the intelligence agency enjoyed backdoor access.
7 Reasons Why Bitcoin Attacks Will Continue
Cryptographic currency's rising value makes it an appealing target for cybercrime gangs and crimeware toolkit developers.
Target Confirms Hackers Stole 40 Million Credit Cards
Hackers' 19-day heist scoops up all ingredients required to make counterfeit cards.
My 5 Wishes For Security In 2014
Security skeptic Dave Piscitello tells why his end-of-year InfoSec predictions are like a fine wine.
Advanced Power Botnet: Firefox Users, Beware
Malicious Firefox plugin scans websites for exploitable SQL injection vulnerabilities.
Protecting Brand And Data While Staying Social
Despite worries about social media, most companies are not monitoring it for threats
Zeus Banking Malware Gets 64-Bit Facelift
Crimeware toolkit developers follow the money, build new features into the notorious banking malware.
Time For An 'Active Defense' Against Security Attacks
Today's threat landscape and the mobility of our data demand much more than a castle wall approach to keep hackers at bay.
Cybercrime Milestone: Guilty Verdict In RICO Case
Prosecutors use law designed to take down mobsters to fight online crime.
6 Tips To Secure Webcams, Stop Keyloggers
If the FBI can activate webcams silently and record keystrokes, so can attackers. Here's how to defend yourself.
DARPA Crowdsources Bug-Spotting Games
DARPA debuts five different puzzle games to test whether players can spot mathematical flaws in open-source code used by the Defense Department.
IT Security Risk Management: Is It Worth The Cost?
The attitude that IT security risk shouldn't be governed by traditional measures of cost and benefit is ludicrous.
NSA Fallout: Microsoft Rethinks Customer Data Controls
Fallout over NSA surveillance drives Microsoft to promise widespread security and privacy improvements. But do they go far enough?
Do Antivirus Companies Whitelist NSA Malware?
Microsoft, Symantec, and McAfee fail to respond to a transparency plea from leading privacy and security experts.
Weighing Costs Vs. Benefits Of NSA Surveillance
What the tech industry needs the NSA to know about aligning a national security agenda with the realities of a global Internet.
Zero-Day Drive-By Attacks: Accelerating & Expanding
The zero-day attack business is no longer just about money, and patching is no longer the best defense.
5 Protocols That Should Be Closely Watched
Attackers frequently scan for open SSH, FTP, and RDP ports, but companies need to watch out for attacks against less common protocols as well
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
