Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
3 Things Every CISO Wishes You Understood
Ensuring the CISO's voice is heard by the board will make security top of mind for the business, its employees, and their customers.
Ransomware Losses Drive Up Cyber-Insurance Costs
Premiums have gone up by 7% on average for small firms and between 10% and 40% for medium and large businesses.
Microsoft Refining Third-Party Driver Vetting Processes After Signing Malicious Rootkit
Rogue driver was distributed within gaming community in China, company says.
Attacks Erase Western Digital Network-Attached Storage Drives
The company suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices and recommends that business and individual users turn off the drives to protect their data.
New House Bill Aims to Drive Americans' Security Awareness
The legislation requires the National Telecommunications and Information Administration to establish a cybersecurity literacy campaign.
Expecting the Unexpected: Tips for Effectively Mitigating Ransomware Attacks in 2021
Cybercriminals continually innovate to thwart security protocols, but organizations can take steps to prevent and mitigate ransomware attacks.
Identity Eclipses Malware Detection at RSAC Startup Competition
All 10 finalists in the Innovation Sandbox were focused on identity, rather than security's mainstay for the last 20 years: Malware detection.
Did Companies Fail to Disclose Being Affected by SolarWinds Breach?
The SEC has sent out letters to some investment firms and publicly listed companies seeking information, Reuters says.
4 Habits of Highly Effective Security Operators
These good habits can make all the difference in advancing careers for cybersecurity operators who spend their days putting out fires large and small.
Trickbot Investigation Shows Details of Massive Cybercrime Effort
Nearly a score of cybercriminals allegedly worked together to create the Trickbot malware and deploy it against more than a million users, an unsealed indictment claims.
Many Mobile Apps Intentionally Using Insecure Connections for Sending Data
A new analysis of iOS and Android apps released to Apple's and Google's app stores over the past five years found many to be deliberately breaking HTTPS protections.
Deepfakes Are on the Rise, but Don't Panic Just Yet
Deepfakes will likely give way to deep suspicion, as users try to sort legitimate media from malicious.
First Known Malware Surfaces Targeting Windows Containers
Siloscape is designed to create a backdoor in Kubernetes clusters to run malicious containers.
Is Your Adversary James Bond or Mr. Bean?
Especially with nation-state attacks, its critical to assess whether you're up against jet fighter strength or a bumbler who tries to pick locks.
CISO Confidence Is Rising, but Issues Remain
New research reveals how global CISOs dealt with COVID-19 and their plans for 2022–2023.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
