Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
New Release Of Mocana MAP Showcases Built-In Secure Browser
MAP helps enterprises meet compliance and audit requirements
Tenable Adds New Passive Vulnerability Scanner (PVS) To Nessus Family
PVS will be available at the end of August as a standalone product
PhishMe Unveils Phish Reporter At Black Hat USA 2013
Outlook Add-in aggregates and normalizes user-provided reports of suspicious emails
SnoopWall Warns: Beware Of Android Malware
Company notes increase in number of malicious apps flooding the market
Symantec Posts Better Than Expected Earnings For Q1 FY14
GAAP revenue for the fiscal first quarter was $1.71 billion
HALOCK Investigation Finds That 25% Of Sampled Colleges And Universities Are Putting Student And Parent Private Financial Data At Risk
HALOCK sampled 162 institutions in the United States and found 41 that encouraged scanning and emailing unencrypted documents
NetFlow Logic Launches Cyber Threat Security Suite
Suite includes real-time threat detection of Botnet Command and Control (C&C) Hosts, APT1, and Malicious Hosts by IP Reputation
ThreatTrack Security To Provide Automated Remediation For APTs And Zero-Day Threats
The Spyder Initiative addresses lack of automated malware remediation
NSS Labs Unveils New Threat Modeling And Threat Forecasting At Black Hat USA
Services help customers better understand their risk and distill actionable threat intelligence
ICS-ISAC Announces Corporate Board
Execs from IBM, Verizon, SAIC, and PwC join board
Sophos Offers Hourly Pricing Model For UTM Via AWS
Sophos UTM now available via a new hourly billing model
Survey Reveals IT Leaders’ Top BYOD And DaaS Concerns
Navisite survey reveals that while 80 percent of IT leaders surveyed agree that BYOD is the new normal, only 45 percent have a formal BYOD policy in their place
Network Access Control Evolves Into Endpoint Visibility, Access And Security (EVAS) Market, Says ESG
ESG projects that as NAC transforms into EVAS it will become even more of a mainstream IT technology
Report: 83% Of Mobile Apps Are Risky
Summer 2013 App Reputation Report to examine the hidden behaviors behind free and paid mobile apps
ThreatConnect Launches Collaborative Threat Intelligence Platform
ThreatConnect combines threat analysis capabilities with social-sharing technologies to detect advanced cyberthreats
OpenDNS Integrates Predictive Detection Capabilities Into Cloud-Delivered Web Security Platform
Umbrella Web security platform can identify, prevent, contain, and inform on advanced cyberattacks without the need for a malware sample or attack data
FireHost Report Suggests Commodity Cloud Providers Are Bolstering Botnet Agility
Q2 2013 sees sharp increase in blended, automated attacks
SSH Communications Security Unveils General Availability Of SSH Risk Assessor Tool
Free tool provides users with a clear report on risk and compliance exposures in Secure Shell environments
Splunk Showcases Security Intelligence Solutions
Applications have a wide range of use cases, including investigating incidents, detecting advanced threats and improving security and compliance posture
Honoring Black Hat's Sweet 16, Venafi Report Chronicles 16 Years of Attacks, Offers Advice On Defending Against Advanced Threats
Chronicled in the report are the different eras of attacks and attackers, with factual examples of attacks and exploits from each period
Anti-Scraping Scanning Tool Reveals Web Site Vulnerabilities To Block Web Scraping Snd Data Mining
System produces an actionable list of recommendations for Web site owners
RSA Adaptive IAM Goes Mobile With Acquisition Of PassBan
PassBan is ae developer of mobile and cloud-based multifactor authentication technology
IBM Unveils New Software To Help Organizations Identify And Predict Security Risk
QRadar Vulnerability Manager helps identify, sort, contextualize, and prioritize network vulnerabilities
China, Ukraine And Saudi Arabia See Record Growth in Malware Threats In 2013, According To NQ Mobile Mid-Year Report
Fake apps, malicious URLs and SMS scams responsible for majority of the estimated 21 million device infections
NSA's First Annual "Science Of Security Competition"
Winning paper was written by Dr. Joseph Bonneau, who now works for Google
New Study Shows Enterprises NOT Prepared For Cyberattacks
Respondents say they have seen an uptick in more sophisticated and targeted malware attacks over the past 24 months
Bit9 Introduces The Bit9 Platform For Mac
Bit9 for Mac defends enterprises against advanced threats
Reputation.com Acquires Online Platform MySocialCloud
MySocialCloud is a cloud-based platform that enables users to manage all logins and passwords from a single place
C-Level Executives Lack Confidence In Their Cybersecurity
Nearly 70 percent of C-level executives are concerned their companies are vulnerable to sophisticated malware attacks, but many not adopting best practices in technology and personnel
Riskive Closes $2.2M Seed Round
Riskive protects government and enterprise organizations from social cyberthreats
Technical Director Of PandaLabs Re-Elected To AMTSO Board
Luis Corrons ' thrilled and honored to be re-elected to the AMTSO Board for another three-year term'
Centrify Delivers Advanced Security And Auditing to Mitigate Internal Threats To Cloud And On-Premise Servers
Centrify Suite 2013 Release 2 leverages existing directory infrastructure
Trend Micro Brings Cloud & Data Center Security To The Midmarket With Enhanced Channel Program
Updates include improvements to the Deal Registration and Specialization Programs
SailPoint Debuts Enterprise-Grade IAM-As-A-Service Suite
SailPoint IdentityNow services that will be available this quarter include SSO, access certifications, and password management.
CSA Unveils PRISM Survey Results
In light of recent revelations about government access to customer information, 56% of non-U.S. residents are now less likely to use U.S.-based cloud providers
Alcatel-Lucent Reports Rising Cases Of Malware And Breaches Of Cybersecurity On Broadband Devices And Smartphones
New data shows that security threats to fixed and mobile broadband networks are on the rise as global consumer usage continues to grow
Solera Networks Introduces Blue Coat ThreatBLADES
Solution unifies threat intelligence, big data security analytics, and security visibility
Webroot And RSA Team Up To Deliver Real-Time Phishing Detection
Companies to provide additional real-time phishing detection to RSA FraudActionSM Anti-Phishing Service
73 Percent Of OpUSA Compromised Sites Were Hosted In Microsoft IIS Web Servers
Solutionary's Security Engineering Research Team (SERT) has released its Quarterly Threat Report for the second quarter of 2013
Alert Logic To Announce Strong Q2 Results
To date, Alert Logic has more than 2,200 customers using its Security-as-a-Service solutions
CSIS Releases Study Linking Cybercrime To Job Loss
McAfee-sponsored report quantifies economic impact of cybercrime
HBGary To Launch New Incident Response Command Center Technology At Black Hat
V-App for Incident Response Command Center integrates and manages all incident data
BAE Systems And Bayshore Networks Expand Strategic Partnership To Defend Against Advanced Cyber Threats
BAE Systems will resell and distribute Bayshore’s SingleKey, Bayshore SCADA Firewall, and SingleView
RiskIQ Secures $10 Million Series A Investment From Summit Partners
RiskIQ uses a global proxy network spanning nearly 40 geographic locations to monitor key websites and mobile applications
21CT Enhances Security Intelligence With LYNXeon v2.29
Update includes enhanced graph database and inclusion of LYNXeon Connect
Smart Card Alliance Identity Council Urges Use Of Smart Cards For Security, Privacy In NSTIC Identity Ecosystem
White paper reviews NSTIC initiatives and discusses how smart card technology can provide the credentialing capabilities
Tripwire Announces New Version Of TRIPWIRE Log Center Solution
Tripwire Log Center solution is powered by the Tripwire VIA agent
SIA Standards To Launch SNMP MIB Project
Effort will define security-specific set of attributes
Weak Help Desk Security Traced To Lack Of Training, Loose Processes And Too Much 'Helpfulness'
RSA announces new report by the SANS Institute spotlighting the threats and privacy issues facing help desks
Rapid7 Releases Solutions Portfolio Update
New capabilities in the release include Metasploit MetaModules that provide automated security testing
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
