Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
PC Tools: Top Internet Blunders of '08
A look at the top Internet security blunders during the past year
ESET Teams With Inquira
Antivirus vendor expects to raise the bar in customer service for the IT Security Industry
Webroot Threat Advisory: Hackers Using Continental Flight 1404 Headlines To Scam Online News-Seekers
Rogue apps trick users into purchasing phony software and sharing personal information
Comodo Releases EasyVPN Beta
Comodo EasyVPN beta uses IM clients to access files, PCs
IronKey's New Anti-Worm Malware Protection Battles AutoRun Worms
Patent-pending technology prevents USB AutoRun worms from infecting corporate and government networks
IT Confidence Drops To Lowest Level In 2008
More staffing and budget cuts are anticipated in 2009, according to the latest CDW IT Monitor
Prism Microsystems Adds Smart Search To Security Information and Event Management Solution
Solution combines intelligent analytics to extract meaning from raw logs with free-form intuitive search to extract precise matches from terabyte of data
Cyber Secure Institute Cuts Through Misleading Security Claims: LynuxWorks and LynxSecure
What LynuxWorks actually said is its system supports EAL 7 evaluation or could be evaluated at that level, says The Cyber Secure Institute
Secerno Makes Enterprise-Class Database Security Available To Branch Offices And SMEs
Release of Secerno DataWall 3.2 includes two new entry-level versions of Secerno's active database control solution
SECNAP Adds Advanced Reporting Functionality To SpammerTrap Email Security Reporting Package
Security Gateway provides a robust array of reports for client administrators, as well as several enhanced reports for end users
IronKey Announces New Capabilities To Remotely Protect Secure USB Flash Drives
IronKey's Trusted Network allows IT administrators to remotely restrict IronKey devices from being used on systems outside specified enterprise IP addressees
Avocado Security Launches Enterprise Edition 2.0 Security & Business Intelligence Optimization Platform
Solution automates discovery and detection, and analyzes billions of CCTV video surveillance security images
Zero-Day Web Malware Blocks Surpass Yearly Average
Leading provider of SaaS Web security reports zero-day malware accounted for 26% of blocks in November
Sourcefire Announces EMEA Channel Expansion
Sourcefire appoints six new strategic partners across EMEA
Nuclear Regulatory Commission Expands Cybersecurity Requirements For Nuke Power Plants
New rule adds several new requirements as a result of experience in implementing previous security orders and updates the regulatory framework in preparation for the licensing of new nuclear power plants
John Wyatt Named President And CEO Of Cigital
Wyatt, who has been running Cigital since 2005 as the company's COO, will continue to be responsible for the company's overall management and business strategy
Network Frontiers Releases Media Disposal Toolkit
Network Frontiers' Media Disposal Toolkit contains everything any organization needs to know about data disposal, presented in a logical actionable format
Sourcefire 3D System 4.8 Now Available On Crossbeam Security Platform
System provides adaptive intrusion prevention capabilities to secure large enterprise network assets against all forms of security threats
Logica Implements SSH Tectia For Securing City of Helsinki's Financial Apps
Implementation involves more than 1,300 workstations and application servers to secure file transfers and data connections between workstations and application servers for the City of Helsinki
Beth Israel Medical Center Adds Third Brigade's Server Security
BIDMC is using the host-based firewall module of Third Brigade Deep Security to create zones of trust within its datacenters
ConSentry Enhances Partner Program
Announcement includes a series of programs, pricing changes, and tools aimed at broadening opportunities for its networking channel
Fidelis's XPS DLP Solution Adds Passive Data Discovery
New system version enhances an enterprise's ability to reduce the risks of leakage of protected or sensitive information
SecureMac Releases DNSChanger Trojan Removal Tool 2.0
Free tool detects and removes new variants discovered since the original tool was released
Palamida Finds Security Tops List Of Concerns Inhibiting Broader Open Source Adoption
Company highlights 25 open source projects that organizations can use with confidence
GlobalCrypto's RealMe Available As A Flash Web Widget
RealMe strong authentication software enables a user to upload a photo of their choice and have that picture embedded with cryptographic information unique to the user and Web site
PGP Whole Disk Encryption Approved For Use Within U.K. Goverment
Baseline approval provides assurance against data loss from laptops and desktops
Canada's NB Power Chooses Waterfall Security Solutions For Network Security
Waterfall's patent pending solutions enables network segregation ("air gapping") and provide absolute and impenetrable security for critical networks
Rapid7 Launches New 'PartnerFirst' Program
Program will help partners meet demand for Rapid7 NeXpose vulnerability management for security and compliance
WorkLight And Netvibes Develop New Secure Widget Platform
Companies taking advantage of these new capabilities can provide consumers with a host of customized tools, ranging from secure RSS feeds and targeted promotional widgets to secure, transactional widgets for managing accounts
Veracode Appoints Jon Stevenson SVP Of Technology And Service Operations
Stevenson, who held senior management roles at companies such as BMC and HP, is responsible for all aspects of engineering, product management, security research and service delivery
Q1 Labs Unveils Network Security Management Solution For Virtual Environments
VFlow Collector helps IT pros gain network and application layer visibility into their virtual worlds
Investment Bank Upgrades Global Infrastructure With Palo Alto Networks Firewalls
Greenhill & Co. adds user-based visibility and policy control of Webmail to reduce risk of regulatory noncompliance
Finjan Creates Advisory Board
First two members are Gregory Todd Garcia, the first presidentially appointed Assistant Secretary for Cyber Security and Communications at the DHS, and Taher Elgamal, a leading expert in computer, network and information security
Cloudmark Survey: Operators Ignore Mobile Spam
New research finds that operators anticipate increased mobile spam attacks, but are slow to protect against them
Open Letter From SESTA Calls For Tighter USB Security
SanDisk Enterprise Solutions Technology Alliance calls on IT professionals to implement improved security for USB storage devices without hampering worker productivity or banning the use of these powerful devices
Core Impact Pro V8 Extends Automated Web App Penetration Testing
The newest version of Core Security Technologies' flagship security testing software builds on the its range of comprehensive network, endpoint and Web application testing capabilities
LogRhythm Adds Intelligent IT Search To Log Management System
LogRhythm enhances cryptic raw logs to yield meaning, trends, and anomalies from search results
Business Services For U.S. Immigrants At Extremely High Risk Of Cybercriminal Penetration
Panda Security assessment finds businesses primarily used by U.S. immigrants to send money back to their home countries to be severely lacking in security measures
Panda Security Reveals Major Security Flaws In Money Transfer Businesses
Lack of security could allow cybercrooks to obtain users' bank details and empty their accounts
West Coast Labs Completes Anti-Malware Testing, Issues Checkmark Anti-Malware Certification
17 companies subjected their products to extensive testing to defend against malware attacks authored worldwide; US continues as lead originator of malware attacks against US companies and organizations
Flurry Of Spam Targeting The Federal Bureau Of Investigation
Consumers continue to be inundated by spam purportedly from the FBI
Monext Chooses Verizon Business Security Solutions to Support Delivery Of Industry-Compliant Bank-Payment Services
Verizon Business' professional services will enable certification of Monext's processing system
Bit9 Identifies 'The Dirty Dozen' - 2008's Most Popular Applications With Critical Security Vulnerabilities
Reputable programs found vulnerable; security gaps often left unaddressed
How Companies Can Use IT Security To Protect Against Insider Attacks
Tough economic times present increased motivation for cybercrime. Experts from Gotham Digital Science share tactics that companies can use to protect against security attacks executed by disgruntled or former employees
Imperva, ArcSight Partner To Integrate Database Monitoring Intelligence With Security Information And Event Management
SecureSphere achieves certified interoperability with ArcSight SIEM Platform under the ArcSight EnterpriseView Partner Program
Palo Alto Networks Discovers Critical Vulnerability In Microsoft Word
Exploited vulnerability could allow full system access and control
WhiteHat Security Releases 6th Website Security Statistics Report
Report shows eight of our 10 Websites are vulnerable to attack
HP Expands Virtual Protection Tool, Desktop Linux Offering For Small Business Customers
offerings are designed to help small businesses enhance their productivity and ease their management of technology
Actimize Expands IBM Partnership; Embeds Technology To Fight Fraud, Financial Crime
Actimize enterprise risk platform to include IBM name matching analytics technology
SkyRecon Provides Full Disk And File-Based Encryption With StormShield Security Suite Version 5.2
StormShield Security Suite Version 5.2 adds full disk encryption as a complement to its file-based encryption security layer
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
