Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
ACTi And Twonky Directory Traversal Vulnerabilities Disclosed By Digital Defense
DDI has disclosed multiple disclosures in recent months
Blackbird International Corporation Announces Its Acquisition of Insight ID
Insight ID is a real-time authentication service
Sourcefire Announces First Quarter 2012 Financial Results
Company increased commercial U.S. revenue 28 percent compared to the same quarter last year
Akamai Releases Fourth Quarter 2011 'State Of The Internet' Report
China top source of observed attack traffic
Symantec Releases Internet Security Threat Report, Volume 17
Number of malicious attacks skyrocketed by 81 percent
Gigamon Partners With ForeScout
Companies to provide an integrated set of network management and visibility solutions
ISSA-LA Offers Free Registration Program For NonProfits
Registration is open to anyone interested in learning more about information security
Shape Security Closes $6 Million Series A Funding Round
Round led by Kleiner Perkins Caufield & Byers and Google executive chairman Eric Schmidt's TomorrowVentures
Dome9 Security Introduces One-Click Cloud Server Secure Access
Browser-based application enables one-click secure access to any server and any cloud for Google Chrome users
Privacy Rights Groups Voice Opposition To CISPA
Cyber Intelligence Sharing and Protection Act "explicitly supersedes all standing online privacy protections," opponents say
Black Hat Expands Content Review Board
Chris Rohlf and Chris Wysopal join board
PayPal Surpassed By Taobao As Most Phished Brand
Taobao.com is one of China's largest e-commerce sites
Trustworthy Internet Movement Picks SSL Implementation And Governance As First Initiative
TIM also launched SSL Pulse, an index that tracks the progress of how well SSL is implemented
Metaforic Announces Protection For Android Applications
Android application developers can harden their applications to minimize hacking vulnerability
Lumension Endpoint Security Suite Integrates Cloud-Based Integrity Service
Service will now be available within the Lumension Endpoint Management and Security Suite management console
Solera Networks Takes Security Out Of The Box
Rolls out new version of DeepSeer Software
Norton And Facebook Partner To Make Web Safer
Partnership brings Norton protection to Facebook members
SSH Communications Security Unveils SSH User Key Management Solution
Solution is first new extension of its SSH Information Integrity Platform
BT Assure Adds Intelligence And Innovation For The New Security Reality
Exclusive BT research shows opportunity for organizations to "rethink the risk"
ValidEdge Unveils Portable Malware Intelligence System
ValidEdge MISbook 2300 can analyze up to 1,000 malware samples per day in a fully functional laptop
European Online Fraud Increases 60%
iovation also announces launch of European data center
Trend Micro Announces Partnership With Facebook Offering Users Protection For Their Digital Life
Trend Micro Smart Protection Network uses cloud technology, threat correlation, and a global network of threat intelligence sensors to stop malware and Web threats
IBM Announces New Threat Analytics To Help Organizations Better Identify Hidden Security Attacks
QRadar Network Anomaly Detection appliance analyzes complex network activity in real-time
Courion Leverages NaviSite's Enterprise Cloud To Deliver Identity And Access Management Software-As-A-Service
Courion selected NaviSite for its global footprint
New Vormetric Release Uses Chips To Make Enterprise Encryption Invisible
Vormetric Encryption V5 includes scalability enhancements
Dirty Disks Raise New Questions About Cloud Security
Context Information Security IDs potentially significant flaws in the implementation of cloud infrastructure services
NetDNA And GlobalSign Bring Instant Provisioning To Web Security With EdgeSSLT Service
EdgeSSL is a one-stop SSL Certificate solution for the NetDNA content delivery network
Websense Reports Record First Quarter Billings On Strong TRITON Performance
First quarter revenues of $89.5 million, up 1 percent year-over-year
LANDesk Acquires Data Analytics Company
Managed Planet marks LANDesk's fifth acquisition
Arbor Announces New Version Of Peakflow SP
New features within the platform include ATLAS Intelligence Feed
Bocada Announces Physical And Virtual Data Protection Management In Single Solution
Bocada vpConnect correlates data protection activities across environments
SureCloud Launches Unified Compliance Platform
SaaS solution helps midmarket organizations automate and simplify security and compliance processes
CORE Security Announces CORE Insight Enterprise 2.0
With version 2.0, CORE Insight now offers a comprehensive set of vulnerability management capabilities
Air Force Wins NSA's 12th Annual Test Of Cyber Defense
Marks third win since annual competition began in 2001
McAfee Announces Next-Generation Situational And Risk-Aware SIEM
McAfee Enterprise Security Manager has a scalable database that was built to handle big security data
One In Five Macs Harbors Malware, Sophos Research Reveals
Both Windows and Mac threats were discovered
New Norton Secured Seal Trust Mark Unveiled
Symantec unites the power of the VeriSign and Norton
VidSys And Activu Partner to Enhance Situational Awareness And Collaboration For Public Sector
Combination of VidSys PSIM software with Activu’s IP-based visualization and collaboration solution provides an open standards, network-based solution
DISA Selects HP To Enhance Assessment Of Networks For Vulnerabilities
Program will provide analytics to enable the assessment of DoD enterprise networks and connected IT systems
VASCO Launches MYDIGIPASS.COM
Gives consumers access to convenient and secure login services to various Web applications
Lookout Announces Partnership With Deutsche Telekom
Partnership focuses on distribution and joint innovation
Sophos Publishes 'Dirty Dozen' Report -- India Takes The Spam Crown
Malicious spam and phishing increases, while overall volumes dip
National Collegiate Cyber Defense Competition Champion Crowned
Top three finalists from University of Washington, U. S. Air Force Academy, and Texas A&M University
61% Of IT Security Professionals Are Concerned About Attacks From Anonymous And Hacktivists
Bit9 survey also showed that IT executives are most concerned about malware and spear phishing attacks
New Survey: 70% Of Orgs Don't Take Data Protection Seriously
Majority of organizations in this study are failing to comply with SOX, others, Varonis study shows
10 Things To Consider Before Purchasing Cyber Insurance
ID Experts has created a free checklist to help guide companies
Spy Software For Tablets Released
Retina-X Studios unveils PeekTab multiplatform monitoring software for tablets
NCP Engineering Debuts Universal VPN Client For Android 4.0
Now available for free download in the Google Play store
Certes Networks Releases Virtual Security Appliance
Encryption solution protects network traffic inside IaaS clouds and between customer locations
Faronics Announces New Anti-Executable Product
Faronics Anti-Executable 5.0 boosts defense against advanced persistent threats, sophisticated malware and zero-day attacks
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
