Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Security Analytics Still Greenfield Opportunity
Surveys out this week show improvement in the use of analytics and threat intelligence but room for better execution.
With $325 Million In Extorted Payments CryptoWall 3 Highlights Ransomware Threat
Study by Cyber Threat Alliance reveals sophisticated nature of the latest version of CryptoWall
Machine Learning Is Cybersecurity’s Latest Pipe Dream
Rather than waste money on the unproven promises of ML and AI, invest in your experts, and in tools that enhance their ability to search for and identify components of a new attack.
5 Things To Know About CISA
Despite criticism from privacy advocates, the Cybersecurity Information Sharing Act passed through the Senate yesterday.
Undermining Security By Attacking Computer Clocks
A team of researchers at Boston University has developed several attacks against the Network Time Protocol that is used to synchronize internal computer clocks on the Internet
First Cyberterror Charges: DOJ Accuses Hacker Of Giving Military PII To ISIS
The data was first stolen from an online retailer, and the suspect is awaiting extradition hearing in Malaysia.
Adobe Patches Pawn Storm Zero-Day Ahead Of Schedule
Critical bug wasn't expected to be fixed until next week.
Pawn Storm Flashes A New Flash Zero-Day
Cyberespionage group shows off another piece of kit in attacks on foreign ministries.
Researchers Warn Against Continuing Use Of SHA-1 Crypto Standard
New attack methods have made it economically feasible to crack SHA-1 much sooner than expected.
Intro To Machine Learning & Cybersecurity: 5 Key Steps
Software-based machine learning attempts to emulate the same process that the brain uses. Here’s how.
Don’t Be Fooled: In Cybersecurity Big Data Is Not The Goal
In other words, the skills to be a security expert do not translate to being able to understand and extract meaning from security data.
Nuclear Plants' Cybersecurity Is Bad -- And Hard To Fix
Report: 'Very few' nuclear plants worldwide patch software, and operations engineers 'dislike' security pros.
Amazon Downplays New Hack For Stealing Crypto Keys In Cloud
Attack works only under extremely rare conditions, cloud giant says of the latest research.
The Evolution Of Malware
Like the poor in the famous Biblical verse, malware will always be with us. Here’s a 33-year history from Elk Cloner to Cryptolocker. What will be next?
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
