Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Proof-of-Concept Released for Apache Struts Vulnerability
Python script for easier exploitation of the flaw is now available as well on Github.
A False Sense of Security
Emerging threats over the next two years stem from biometrics, regulations, and insiders.
Embedding Security into the DevOps Toolchain
Security teams need to let go of the traditional security stack, stop fighting DevOps teams, and instead jump in right beside them.
New PHP Exploit Chain Highlights Dangers of Deserialization
PHP unserialization can be triggered by other vulnerabilities previously considered low-risk.
Open Source Software Poses a Real Security Threat
It's true that open source software has many benefits, but it also has weak points. These four practical steps can help your company stay safer.
The Data Security Landscape Is Shifting: Is Your Company Prepared?
New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.
10 Threats Lurking on the Dark Web
Despite some high-profile takedowns last year, the Dark Web remains alive and well. Here's a compilation of some of the more prolific threats that loom.
US-CERT Warns of New Linux Kernel Vulnerability
Patches now available to prevent DoS attack on Linux systems.
Is SMS 2FA Enough Login Protection?
Experts say Reddit breach offers a prime example of the risks of depending on one-time passwords sent via text.
Power Grid Security: How Safe Are We?
Experiencing a power outage? It could have been caused by a hacker … or just a squirrel chewing through some equipment. And that's a problem.
6 Ways DevOps Can Supercharge Security
Security teams have a huge opportunity to make major inroads by embracing the DevOps movement.
5 Steps to Fight Unauthorized Cryptomining
This compromise feels like a mere annoyance, but it can open the door to real trouble.
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
