Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
IronKey: U.K Organisations Fearful Of Organized Cybercrime
30 percent suffered one or more attacks in the past 12 months resulting in theft of data or money
Dasient Names Harnish Patel Vice President Of Sales
Harnish comes to Dasient from McAfee
Experian, Symantec Collaborate In ID Proofing And Authentication Technology
Combined solution supports National Institute of Standards and Technology requirements
Voltage Rolls Out Page-Integrated Encryption For Protecting Credit Card Numbers
PIE is particularly useful for e-commerce and other cloud-based applications that use confidential personal information
Apple Responds To iPhone Location Data-Gathering
Apple answers 10 questions
FireHost Introduces Secure Cloud Hosting With PCI 2.0 Compliance
Secure Cloud Hosting includes same level of protection as FireHost brand
73.7% Admit Email Compliance Violations
Enterprises are not effectively mitigating email risk or educating employees on acceptable-use policies, according to VaporStream study
IronKey Announces Trusted Access For Banking v2.7
Update extends IronKey’s keylogging protection
Symantec Announces April 2011 MessageLabs Intelligence Report
Targeted attacks increase in intensity rising to 85 per day while global spam continues to fall
PhoneSheriff Allows Parents To Control Child Phone Activities And Track GPS Locations
Parental control service works with iPhone, Android, BlackBerry, and Windows smartphones
Awareness Technologies Corporate Security Advisory: Seven Employee Monitoring Tips For Small Businesses
Many small businesses do not have the time or resources to develop and enforce effective policies
Citi's Global Transaction Services Achieves PIV-I Cross-Certification With CertiPath
Citi is the first company to be cross-certified by CertiPath to PIV-I
Managing Your Company's Cyber Risk: Antivirus Software And Endpoint Protection
Symantec Endpoint Protection 12.1 is designed to stop mutating threats without slowing you down
HITRUST Outlines Plans to Support Healthcare Industry in 2011 and Beyond
Health Information Trust Alliances identified a number of key areas, including cloud computing, data protection, health information exchanges (HIEs), mobile devices and authentication management, that it will focus on in 2011
Cloud Security Alliance Partners With ISO/IEC
Cloud Security Alliance will have a key role in the development of cloud security and privacy standards under ISO/IEC
Michigan Woman Pleads Guilty To Selling More Than $400,000 In Counterfeit Business Software
Pirated business software owned by several companies, including Microsoft, Adobe, Intuit and Symantec
FireMon Acquires Saperix Technologies
FireMon expands security operations solution with patented risk analysis technology developed at MIT Lincoln Laboratory
Forum Systems Delivers Unified Content Firewall
Next generation of flagship XML Gateway for faster, more powerful and seamless Web experience
Norton Survey Shows Royal Wedding Crowds Spilling Onto Cyber Streets
Wedding bells for happy couple may mean warning bells for users
Norton Internet Security And Norton AntiVirus 2012 Public Betas Now Available
Betas include key security enhancements
Fortinet: Torpig Botnet Re-Emerges
Botnet accounting for 30 percent of new botnet activity
F5 Security Solutions Help Deliver DNS Security For Newly Signed .com Domain
BIG-IP solutions provide a central point of control for DNSSEC based on trusted, signed query responses
U.S. Commerce Secretary, Senior White House Officials to Unveil Administration's National Strategy For Trusted Identities In Cyberspace
Strategy lays out vision for a more secure online environment, led by private-sector technology innovations
New Software Creates Privacy Mode For The Android
TISSA creates privacy setting manager that allows users to customize the level of information each smartphone application can access
Symantec Rolls Out New Messaging Gateway
Solution blocks more than 99 percent of spam while integrating with DLP and encryption technologies to protect outbound messages
TrustDefender Launches New Security And Fraud Risk Management Solutions
New products enable organizations to reduce the risk of dealing with online fraud
GigaTrust Brings Enterprise Rights Management To Apple's iPhone And iPad
GigaTrust extends Microsoft AD RMS to rights-enable the iOS platform
AppSec And Securosis Team Up To Provide Comprehensive Guide For Database Security Programs
Guide provides insight into all common database security tasks
Survey: Half Of Companies Can't Manage Risks Of Their IP-Connected Devices
In general, companies know they aren’t prepared to handle device security breaches, according to Mocana study
CSIdentity Corporation Acquires IdentityTruth
IdentityTruth's proprietary system constantly receives and analyzes data from multiple sources to build a complete identity profile for an individual
Email-Borne Malware Jumps 400% After Rustock Takedown, Says Commtouch Quarterly Report
The first three months of 2011 were witness to a range of varied attempts to distribute malware, according to quarterly Internet Threats Trend Report
DataMotion Releases Groundbreaking Mobile Email Encryption
SecureMail now integrates natively with all popular smartphone email clients
Verdasys Announces New Funding
Investment will enable Verdasys to expand the Digital Guardian Platform into mobile devices and cloud security
DOJ: $1.4 Million Money Laundering Case Yields Guilty Plea, Another Suspect
Georgi Vasilev Pletnyov faces a maximum sentence of 20 years in prison
Alert Logic Secures $12.6M Series E Funding
Round is being led by investors Updata Partners, Covera Ventures, DFJ Mercury and Access Venture Partners
The Open Group Releases Maturity Model For Information Security Management
O-ISM3 is compatible with other ISM industry standards, such as the ISO2700x series
TrustWave Teams With Tucows, Launches QuickTrust SSL
Trustwave SSL offerings now available through Tucows’ OpenSRS
Android, Facebook And The Anonymous Hacks -- Most Serious Cybercrime Issues of Q1 2011
First PandaLabs Quarterly Report of 2011 shows intense virus activity
Yubico And ForgeRock Partner To Provide Secure And Open Source Cloud Single Sign-On
YubiKey is now supported in ForgeRock OpenAM
LogRhythm Raises $10M In Funding
Company has tripled its customer base and revenue over the past two years
Neustar Launches SiteProtect For DDoS Protection
SiteProtect allows customers’ Web infrastructure to operate normally under attack
MSPAlliance Establishes New Cloud, MSP Certification Standard
Unified Certification Standard provides two levels of certification
Better Business Bureau Warns Of First Phishing Attacks In Wake Of Epsilon Breach
Banks, credit-card issuers warn of email breach
Banking Department Warns Consumers about Email 'Phishing' Scams After Security Breaches At Epsilon And RSA
Pennsylvania consumers warned to guard against possible financial
scams involving their email accounts
PandaLabs Q1 Report: China, Thailand And Taiwan World's Most Infected Countries
New threats surge 16 percent quarter over quarter to more than 73,000 new strains each day
ModSecurity WAF Gets New Features
ModSecurity is a free, open-source web application firewall engine for Apache
Data Breach Mistakes Feared More Than Hackers By Compliance Professionals
Fully 61% believed that an accidental breach by an employee was very or somewhat likely
NEI Awarded U.S. Patent For "Digital Fingerprinting" Software
Tech validates software updates for physical and virtual servers and cloud-based application platforms
Videos, Installers, KeyGens, And Social Media Most Popular Attack Bait
The most frequently blocked website in Q1 2011 was a Brazilian site offering a video of the Japanese tsunami disaster
2010 Threats Year In Review: Toolkits Dominated The Cybercriminal Scene
The rise of toolkits turned nontechies into hackers
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
