Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
ValidEdge Adds New Bot Monitoring Capability
ValidEdge MIS 1200 processes large volumes of samples, in addition to analyzing unknown malware samples in seconds
New Endpoint Security Product Developers' Consortium To Improve Critical Class Of Security Products
Charter members include AVG, McAfee, Microsoft
nCircle And Core Security Announce Support For CAG
Companies announce jointly developed coverage map of the SANS Consensus Audit Guidelines
Smart Card Alliance Endorses Health IT Privacy And Security Tiger Team Recommendations
All organizations involved in health data exchange involving personally identifiable health information should be required to use digital certificates
Panda Security Acquires Canadian Franchise And Continues International Expansion
Company also opens new franchises in Europe, Asia and Latin America in 2010; now present in 61 countries
FBI Warns Of Fraudulent Sweepstakes, Lottery Prize Schemes Via Email And Letters
Schemes use counterfeit checks that bear legitimate-looking logos of various financial institutions
ReportLinker Rolls Out SIEM Report
Issues 'World Security Information and Event Management (SIEM) and Log Management Products Market'
NaviSite Enhances NaviCloud For Enterprise Cloud Computing
New features provide increased flexibility, security, and control for cloud-based enterprise applications
PhishMe Offers Free Consumer Edition
Consumer Edition is an extension of the comprehensive PhishMe Enterprise Edition
DataX, Ltd. Unveils Advanced Identity Authentication And Skip Trace Services
DataX's identity authentication solutions employ advanced analytics and record-linking technology
Kodak's Security Solutions Group and Document Security Systems Partner To Combat Counterfeiting And Brand Fraud
Agreement covers a broad range of applications
Trend Micro To Purchase Mobile Armor
Mobile Armor's data protection offerings provide full-disk, file/folder, and removable media encryption for endpoints
Lumension Upgrades IT Risk Management, Compliance Product
Releases version v4.2 of Lumension Risk Manager
GuardTime, Joyent Team On Enhanced Trust, Integrity In Cloud
Joyent customers will be able to purchase GuardTime SmartMachines
IBM Leads EU Consortium On Secure Cloud Infrastructure
TCLOUDS will also study the legal, business and social aspects of cross-border cloud computing
WatchGuard Notes Worst Offending Security Reputations
Recommends businesses adopt “reputation” services as part of their multilayered security posture
Ground Labs Announces PCI Compliance Cardholder Data Discovery For Legacy Systems Using EBCDIC
Card Recon and Enterprise Recon products now include EBCDIC support
BT Ethical Hacking Center Validates Federated Networks' SSL Alternative Protocol
ASL protocol eliminates pervasive vulnerabilities inherent in the known limitations and weaknesses of current SSL implementations
(ISC)2 Establishes International Application Security Advisory Board
Board consists of 14 software life-cycle professionals
SIA Offers Guidelines For Biometrics In Federal E-Verify Program
Seven recommendations aimed at helping to “protect individual privacy and prevent identity theft”
Novell To Be Acquired By Attachmate Corp.
Transaction valued at approximately $2.2 billion
Afilias Secures .GI, .MN, And .SC Domains With DNSSEC
Enables DNSSEC for three more country-code top-level domains
40% Of U.K. Consumers Would Let AV Subscriptions Expire
Research shows consumers are increasingly reluctant to renew their antivirus software annually
Chinese National Pleads Guilty To Stealing Ford Trade Secrets
Former Ford employee faces a sentence of between 63-78 months’ imprisonment
Dell Rolls Out Encryption Solution
Dell Data Protection | Encryption is designed to help companies protect endpoint devices
Umail.net Launched To Offer Disposable Email Aliases And Antispam Whitelist
Free webmail service uses whitelist-based filtering
E-Commerce And Online Gaming Cyber Attacks Surge
IID releases Q3 Phishing Trends Report
Cloud-Based WAF Service Launched
New start-up, backed by Imperva, enhances website security and performance for SMBs
SonicWALL Receives Enterprise Firewall Certification From ICSA Labs
Certification covers the entire SonicWALL E-Class Network Security Appliance (NSA) series
Afilias And DotAsia Collaborate On DNSSEC Implementation For .ASIA
.ASIA domain enhances search engine optimization for users coming from Asia
CyberSource, Trustwave Team
CyberSource has engaged Trustwave to provide its merchants access to TrustKeeper PCI
New AutoRun Disable Tool Protects Computers Against USB-Spreading Malware
Tool from Endpoint Protector was designed to stop worms such as Conficker/Stuxnet
McAfee Reveals Top Threats From Q3: Cutwail, Zeus, Stuxnet Top List
McAfee's Q3 Threat Report also shows malware growth has reached its highest levels
Quaresso Announces Protect On Q
Protect On Q instantly delivers an armored browser upon connection to the website
FireHost To Close 2010 With Over 200 Percent Growth
Company has seen the most traction in industries that handle confidential information
PandaLabs: 40 Percent Of All Total Fake Antivirus Strains Were Created In 2010
5.4 percent of all PCs compromised in 2010 were infected with a fake antivirus, generating millions of dollars for cybercriminals
Web Browsers, Desktop Software Top “Dirty Dozen” Apps List
Google Chrome placed first on Bit9's list
ThreatMatrix Rolls Out Cookieless Device Identification
ThreatMetrix Fraud Network helps businesses detect returning visitors based on the attributes of the device
Anonymizer Guards Against Evercookie JavaScript API With Free Firefox Plugin
Plug-in extends Firefox's private browsing mode
NetQin Anti-virus 4.2 Beta Released For Android
NetQin Anti-virus 4.2 Beta is designed to protect Android
application against viruses and malware
Survey Reports 96% Of Orgs Unprepared For Network Breaches
Solera Networks completes 2nd Annual Network Forensics Survey
Lookout Announces Availability Of Lookout Premium
Lookout Premium for Android is now available for download
CA ARCserve Enhances Data Protection For Physical And Virtual Server Environments
New releases designed to help customers more effectively protect business systems and data
StopBadware Turns Focus To Web Hosting Providers
Organization will develop best practices for how providers respond to malware reports
Intersections Inc. Offers Advice to Consumers To Stay Safe During The Holiday Shopping Season
Intersections recommends the following safety tips for holiday shoppers
Lieberman Extends Microsoft Systems Center Service Manager To Automatically Close Privileged Account Security Holes
Announces out-of-the-box integration between privileged identity management solutions and Microsoft SCSM
SpamTitan Technologies Announces Major New Release Of Web Filter
Release 3.50 includes advanced reporting capabilities and real-time monitoring dashboard
Athena Security Debuts New Firewall Rule Tracker
Athena is offering the Rule Tracker to end users looking to comply with PCI DSS 1.1.5 and NERC R2.2
SIA Challenges NRC Findings On Biometrics
Report fails to acknowledge recent advances in technology, association says
RSA Announces DLP Suite Updates To Address PCI DSS 2.0
RSA DLP Version 8.5 includes 40 new features
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
