Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Recent Attacks Lead to Renewed Calls for Banning Ransom Payments
While attackers in protected jurisdictions continue to get massive sums for continuing to breach organizations, the ransomware threat will only continue to grow.
Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE
At least two government-backed actors -- including one Russian group -- used the now-patched flaws in separate campaigns, Google says.
State Dept. to Pay Up to $10M for Information on Foreign Cyberattacks
The Rewards for Justice program, a counterterrorism tool, is now aimed at collecting information on nation-states that use hackers to disrupt critical infrastructure.
Targeted Attack Activity Heightens Need for Orgs. to Patch New SolarWinds Flaw
A China-based threat actor -- previously observed targeting US defense industrial base organizations and software companies -- is exploiting the bug in SolarWinds' Serv-U software, Microsoft says.
Can Government Effectively Help Businesses Fight Cybercrime?
From the Biden administration's pledge to take action to INTERPOL's focus on ransomware as a global threat, governments are looking to help businesses cope with cyberattacks. But can it really work?
Kaseya Releases Security Patch as Companies Continue to Recover
Estimates indicate the number of affected companies could grow, while Kaseya faces renewed scrutiny as former employees reportedly criticize its lack of focus on security.
What Colonial Pipeline Means for Commercial Building Cybersecurity
Banks and hospitals may be common targets, but now commercial real estate must learn to protect itself against stealthy hackers.
Microsoft Releases Emergency Patch for 'PrintNightmare' Vuln
It urges organizations to immediately apply security update, citing exploit activity.
Cyberattack on Kaseya Nets More Than 1,000 Victims, $70M Ransom Demand
The provider of remote monitoring and management services warns customers to not run its software until a patch is available and manually installed.
Why Are There Never Enough Logs During an Incident Response?
Most security pros believe their responses could be dramatically quicker were the right logs available, and usually they're not.
Stop Playing Catchup: Move From Reactive to Proactive to Defeat Cyber Threats
One-time reactive measures can't keep up. It's time to be proactive and pick our swords and not just our shields.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
