Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Surrendering The Endpoint
Imagine there’s no desktop...
The (Attack) Path To Prioritization
Since you can't fix every vulnerability, you need to prioritize what needs to get done now and what doesn't. Using attack path data can help
Sextortion Warning: Masking Tape Time For Webcams
"Camjacking" attacks activate your webcam and record your every move. Female images are in demand.
Online Privacy: We Just Don't Care
Facebook leaked your data (again). Big Brother's watching everyone and everything. And Google is testing a "service" that sounds like you providing them a list of everything you own.
Ignoring Compliance Is A Real Option
Security and compliance are commonly deferred by choice
Database Configuration Standards
The trouble with database assessment and compliance
CrowdStrike Turns Security Fight Toward Attacker
CrowdStrike Falcon platform is first to focus on the source of the attack, rather than stopping malware
Should You Use Software-Defined Flash Storage?
"Software definition" leverages the processor's power to do things that used to require dedicated hardware. So, what does that mean for flash?
The Slippery Slope Of Security Invisibility
Everyone seems to want security to just be there, invisible to end users. Everyone except the security industry, that is, if it wants to survive
Security Needs More Designers, Not Architects
The better we design the user experience, the more we reduce our risk
Small Business, Big Target
Why SMBs are a big target of hackers, regulators, and security-conscious partners--and what to do about it
0-Day The (Bug) Bounty Hunter
Companies increasingly offer bug bounties to help find vulnerabilities and threats. This is an opportunity for those looking to get into security
Letter Of (Cyber) Marque And Reprisal
Facilitating future 'hack back' programs
NSA Prism Whistleblower Snowden Deserves A Medal
Without Snowden's leaks, we wouldn't be pursuing rational, democratic debates on the government's post-Sept. 11 balance between security and civil liberties.
Getting Out Of PRISM
What we can learn from national security monitoring
Endpoint Data Protection: Tablet Trouble
Backup managers should look at bringing endpoint protection in-house and using it to protect tablets.
Why Database Assessment?
How FIS bungled the basics
NSA Prism: Inside The Modern Surveillance State
The government's approach seems to be: "Collect first, ask questions later."
Putting Vulnerabilities And Threats Into Context
Advanced security research should play a role in your security program and be ready when science projects become weaponized attacks
What To Ask Your Penetration Tester
The importance of manual pen testing
DoS-in Your Database
The re-emergence of database denial-of-service attacks
Building An Effective Security Architecture: No Piece Of Cake
Enterprises need to put more thought, fewer products into their cyberdefense strategies
Can't Fix What You Hide
Willful ignorance may be bliss, but rarely is it compliant
When Colleges Use Twitter As Help Desk
Education IT leaders, your users are turning to Twitter to complain about the campus network and IT services. Are you responding effectively?
|
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
