Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Advisory: CSRF Flaw Found In Novell GroupWise Allows E-Mail Theft
Any HTTP request can be successfully forged, which means that any configuration settings can be changed on behalf of the victim user by tricking him
Name.com Offers Clients Two-Factor Authentication From VeriSign
By joining the VeriSign Identity Protection (VIP) Network, Name.com can provide its clients with safeguards that go beyond the standard log-in methods
Exaprotect Issues Warning on Apple Trojan
Urges IT Industry to secure their virtual networks not just from external and internal attacks, but also from unwittingly giving remote malicious users the tools to attack other networks
BitDefender E-Threats Landscape Report Spotlights Trojans As Dominant Security Menace In 2008
Report provides an overview of the security threats landscape during past six months, and takes a look at what lies ahead in 2009
AOTA Unveils Top 10 Privacy Principles To Help Maximize Online Consumer Confidence
Announcement coincides with World Data Privacy Day
Novator Chooses NitroSecurity For PCI Compliance
Online retail services provider selects the integrated NitroView Database Monitor and NitroView Enterprise Security Manager solution to help meet PCI-DSS compliance requirements
New Philadelphia Major League Soccer Stadium To Deploy Panasonic's IP-Based Surveillance Systems
Panasonic also will be the exclusive provider of broadcast and TV production systems, large screen LED displays, and point-of-sale systems
Snort Users Have Zero-Day Protection From W32.Downadup/Conficker Worm
The combination of Sourcefire's MS06-040 rules, its MS08-067 rules, and the company's generic shellcode detection rules delivers multiple layers of protection
Bradford Networks Sales Up 87 Percent In 2008
The provider of network access control solutions added more than 120 new customers to its roster
Edgeos Rolls Out New Pricing Model For Private Labeled Vulnerability Assessment Services
Monthly pricing plan enables smaller technology services providers to start offering vulnerability assessment services without having to commit to a monthly minimum at the outset
Splunk Closes '08 With Record Quarter
IT search company also realizes a year-over-year growth rate of 85%
Symantec Delivers Solid Fiscal Third Quarter Operating Results
Results are stronger than expected, according to the company
Oracle Broadens Database Auditing And Monitoring Capabilities
Oracle Audit Vault now collects audit data from IBM DB2 and Sybase ASE to help customers meet regulatory mandates and secure against insider threats
PandaLabs: 89.88% Of Email Was Spam In '08
Sexual performance enhancers and pharmaceuticals were the most common subjects used by spam in 2008
Shavlik Offers Free Protection Against Downadup Worm
Software company offers a limited-time only free version of its NetChk Protect and NetChk Compliance software for users to protect against the Downadup variant of the Conficker worm
SecureMac.com Releases Free iServices Trojan Removal Tool 1.1
Free tool detects and removes the new variant distributed with pirated versions of Adobe Photoshop CS 4 for Apple Mac OS X
CoSoSys Joins Educational Efforts On Data Protection Day
Acknowledging the threats of portable storage devices can prevent vicious outbreaks such as Downadup, affecting 10 million computers worldwide
Websense Acquires Defensio
Acquisition extends content identification and classification capabilities of the Websense ThreatSeeker Network by providing visibility into spam posted as comments to social Web sites
Trio Of Customers Implement Symantec Online Backup
Cameron Consultation, mmolecule and Stratis Business Systems select Symantec's software-as-a-service (SaaS) online backup application
Symantec Releases January 2009 MessageLabs Intelligence Report
New botnets boost spam growth to 80% to 90% of pre-McColo spam levels
eEye Rolls Out Blink Security Management Appliance 200
Mini appliance is designed to deploy and manage up to 200 computer desktops secured by eEye's Blink Professional security software
Infoblox Achieves U.S. Government Certification For IPv6
Appliances with the Infoblox NIOS operating system and grid technology get the OK from the Defense Information Systems Agency for Internet Protocol (IP) Version 6 (IPv6) interoperability
Archer Technologies Acquires Brabeion Software
Archer will leverage Brabeion's content library to enhance its Policy Management solution
TrustPort Unveils Two Portable Antivirus Products
TrustPort Antivirus USB Edition and TrustPort Antivirus U3 Edition secure portable media
Symantec Releases GoEverywhere Online Workspace Beta
Users can access their Web applications anytime, anywhere, using most any device enabled with a Web browser
OPSWAT Releases Metascan, Multiscanning Engine for Antivirus Applications
Metascan leverages seven built-in antivirus engines from AVG, CA, ESET, Norman, VirusBuster, MicroWorld (Kaspersky) and ClamWin
Liberty Alliance Launches Telecom Special Interest Group
SIG's goal: to develop best practices for managing identity-information and identity-enabled transactions and services in the global telecom sector
Sendio Customers Satisfied With E-Mail Security Platform: Survey
Sendio's E-mail Security Platform took less than half the time to configure, deploy and manage than the customers' previously installed solutions, according to survey
PandaLabs Detects Valentine's Day Worm
Waledac.C worm spreads via email in fake Valentine's Day e-greeting cards
IronKey Partners With McAfee To Provide Automatic Virus Scanning On USB Drives
When an IronKey device is mounted, the McAfee anti-virus scan will automatically run to identify potentially harmful files
Netgear Enters SMB Security Market
STM Series combines best-of-breed security features and patent-pending Stream Scanning technology, providing the SMB with an enterprise-class Web and email protection solution
Lumigent Raises $6M In VC Funding For GRC Technology
Software automates compliance reporting and other manual regulatory activities associated with primary business applications
MEGA Introduces Advanced GRC Solution
MEGA GRC Suite Version 3.1 includes advanced risk capabilities and compliance and control features to meet new reporting requirements
Yahoo Selects Abaca's Email Security Solution
Abaca's email security solution uses the receiver's reputation to calculate whether an incoming message is legitimate
K7 Computing Develops Tool To Neutralize Confickr/Downadup Worm
K7Downadup Remover Tool is a console application that scans and removes Worm.Win32.Downadup malware files and associated registry entries from an infected machine
SecureMac Offers Free Trojan Removal Tool For Macs
iWorkServices Trojan Removal Tool is a free utility created to remove the iWorkServices Trojan from infected Macintosh computers running OS X
Lieberman Software Announces Revenue Increase
Plans for 2009 include further expansion into international markets, an emphasis on expanding support for multiplatform enterprises, and the release of upgrades across the entire product line
Leading Retailer The Wet Seal Chooses Guidance Software's EnCase eDiscovery
EnCase platform enables enterprises and government agencies to conduct network-enabled, and court-validated digital investigations
VASCO Unveils DIGIPASS 855 Smart Card Reader
Solution comprises multiple authentication functionalities, connected and unconnected user modes and "what you see is what you sign" in one card reader
Cyberoam Releases 4Q Email Threat Report
Shutdown of notorious Web host leads to drastic fall in global spam levels; economic recession, Barack Obama, Google Docs leveraged for spam attacks
Sophos Releases Latest "Dirty Dozen" Spam Report
Five years on, spam continues to plague users, as United States ends another year at the top of the Dirty Dozen spam-relaying league
Imperva Appoints Brian Contos Chief Security Strategist
Contos joins Imperva from ArcSight where he advised government organizations and Global 2000s on security strategy
Finjan Appoints Dennis Wolf, Former MySQL CFO, As EVP And CFO
Wolf brings more than 25 years of experience managing finance and operations for high-growth technology companies
Xceedium Teams With RSA To Provide Interoperable Authentication And Policy Enforcement Technology
Certification formalizes a technical partnership and allows joint customers to leverage Xceedium's entitlement management solution to manage access to network resources for high-risk users through
the use of RSA SecurID two-factor authentication technology
Six Percent Of Computers Scanned By Panda Security Infected With Conficker Worm
Infections detected in more than 80 countries; United States, Taiwan and Brazil are among the most affected regions
Lantronix Releases New Hybrid Ethernet-Terminal/Multiport Device Server
Evolution Device/Terminal Server enables users to remotely access and manage up to 16 devices on a corporate network
eIQnetworks Closes $10 Million Round In Company's First Institutional Financing
eIQnetworks positioned to capitalize on the significant market opportunity for security and compliance management
Downadup Worm Invading 1 Million PCs Per Day, Disables Agent-Based Security Solutions
Shavlik offers webinar to illustrate why agentless technology is best protection against Conficker worm
Intellitactics, Open Technologies Partner To Manage Compliance, Reduce Risk In The Russian Market
Open Technologies will sell and provide services for the entire portfolio of Intellitactics products
HBGary Unveils Comprehensive Windows Memory Investigation And Malware Analysis Platform
HBGary Responder Professional 1.3 allows security professionals, malware analysts and forensic investigators to more effectively and efficiently detect, diagnose, and investigate computer crimes on live Windows computer systems
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
