Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
Equifax Bolsters Personal Information Solutions Suite With Identity Report
Equifax Identity Report provides consumers with a high-level snapshot of their identity information and a summary of their credit standing for their own review or to share with others
Trend Micro Announces New Web Gateway Security Solution
Web Gateway Security solution integrates the InterScan Web Security Virtual Appliance 5.0 product and the new Advanced Reporting and Management module
Proofpoint, Purewire Deliver Joint SaaS Email- And Web-Based Security For College In Georgia
TCSG deployed the Proofpoint ENTERPRISE SaaS email security solution to protect more than 10,000 inboxes
VeriSign Launches 90-Day Free Trial of Identity Protection
VeriSign Identity Protection (VIP) Authentication Service available free for three months to organizations looking to protect their business-to-business portals and customer-facing Web sites
3Com Integrates Security Products With TippingPoint's
The Secure Network Fabric includes the integration of 3Com's industry-leading TippingPoint intrusion prevention system (IPS) technology and its H3C enterprise network and security solutions
HITRUST Working On IT Security Product Certification For Healthcare Industry
HITRUST to streamline process of identifying and evaluating information security solutions
OpenAjax Alliance Delivers Software For More Secure Enterprise Mashups
OpenAjax Hub 2.0 approved as an industry standard for more secure Web 2.0 mashup applications
TrustMe.com Launches Security Solution For Craigslist Users
TrustMe.com supports quick transactions by establishing trust between legitimate users interested in responsible interaction
Conficker/Downadup Dominates BitDefender's Top Ten Threats For August
Conficker re-emerges after eight months as top e-threat, while the second spot goes to an unusual suspect
Webfusion Offers Free SSL Certificates
Offer from Web hosting company available until September 30
Code Green Networks Announces Scalable Data Loss Prevention For Large Enterprises
New CI-3000 appliance extends TrueDLP solution to large-scale deployments
Security Expert From Trustwave's SpiderLabs To Speak At International Association Of Fraud Crime Investigators
Charles Henderson, practice manager for application security, will look at failures in application security that have lead to real-world compromises
Affinion Security Center Augments Personal Information Monitoring Capabilities
Company adds new set of personal identity monitoring benefits to its ID Theft protection suite, dubbed "IdentitySecure Monitoring"
Newmium Working On iXRIOS Secure Operating System
iXRIOS offers high-end data processing with complete security and portability, and a scaled-down version for mobile computing named iXRIOS-Soli
Fluke Networks Completes Acquisition of AirMagnet
Acquisition of AirMagnet could bolster Fluke Networks' position in the fast-growing area of Wi-Fi testing and security
Social Networking Poll Shows Users More Vulnerable Than Ever
AVG and CMO Council survey shows that the widespread and growing use of social networks at home and work is creating serious danger of Web-borne identity theft and infection
BitDefender Offers Twitter Spam Protection Tips
How users can avoid falling prey to some of the most common tricks regularly employed by hackers
ReallyWho.com Launches Web 2.0 Identity Verification Service For Twitter, Facebook
ReallyWho technology uses information generated from public and commercial records to formulate questions that can only be affirmed by the person being verified
WiKID Systems Upgrades Strong Authentication Server, iPhone Token Client
Adds support for Google Apps SSO/SAML protocol, vendor-specific radius attributes, and built-in self-service initial validation module for Active Directory users
Archer Technologies Rolls Out GRC Solution
Business Continuity Management (BCM) solution combines business continuity, disaster recovery, and crisis management
MX Logic: Healthcare Remains Top Spam Category
Hackers also turn up the heat, according to September MX Logic Threat Forecast & Report
Voltage Security Reports Growth For First Half Of Fiscal '09
Total contract value of deals in the first half grows by more than 70%
StillSecure, Force10 Networks Extend Partnership In Convergence Of Network Devices And Security
Companies will enable 802.1x-based network access control (NAC) on all Force10 Ethernet switches
All GSM Calls Under Threat From Hackers
At the recent Hacking at Random (HAR) conference, Karsten Nohl detailed plans for cracking standard GSM cell phone encryption, known as A5/1
Bank Of Hawaii Merchants Achieve Record PCI Compliance
Bank of Hawaii selected SecurityMetrics' PCI Site Certification Services for Merchants to address merchant data security needs for PCI
GlobalSign Partners With Vietnam's Government Licensed Public Certificate Authority
GlobalSign will provide V-SIGN with operational support and consultation services in order to develop and deploy a range of e-government solutions
Accertify, Rapleaf Partner On Online Fraud Protection
Companies announce that Rapleaf's email reputation service will be added to Accertify's Interceptas platform
K7 Computing Launches K7 TotalSecurity Version 10.0
Advanced protection features include "Pre-Installation Super Scanner" tool, which detects and eliminates threats even before the installation of the main package
Atmel To Incorporate Cryptography Research Security Patents In Chips
License also covers software executing on Atmel chips, allowing Atmel's customers to develop their own security countermeasures without a separate license from Cryptography Research
AppGate Launches Version 9.1 Of AppGate Security Server
New features include Chained Authentication and a new virtual appliance image for VMware
HyTrust Unveils HyTrust Appliance 1.5
HyTrust Appliance 1.5 enforces granular authorization of all virtual infrastructure management operations, according to user role, object, label, protocol, and IP address
Sentrigo Extends Database Security Offerings
Hedgehog 3.0 now supports Microsoft SQL Server 2008 running on Windows Server 2008, as well as SQL Server 2005 and SQL Server 2000 running on earlier Windows platforms
Fidelis Rolls Out XPS Edge
Fidelis XPS Edge is aimed at organizations with decentralized network egress points
New App Store Security Application To Protect Core iPhone Component
ContactCrypt 1.6 encrypts sensitive personal and business data stored in the Contacts section of the iPhone
Two SCIPP International Certificate Programs Enter ANSI-CAP Program
Program accredits certificate issuing bodies against the new American National Standard " ASTM E-2659, "Standard Practices for Certificate Programs"
Yoggie, Lenovo Team With 'Always-On' Secured Email
New device combines Lenovo ConstantConnect and Protect 2.0 to allow users to send and receive emails immediately after turning on their laptop
SECNAP Network Security Waives Expense For SpammerTrap Email Security Purchases
For a limited time, hardware will be provided at no charge for all SpammerTrap Email Security appliances purchased with a three-year service agreement
StillSecure Passes SAS 70 Type II Service Audit
Meets audit for the third straight year through its ProtectPoint managed security services
Tata Communications Launches Internet Clean Pipe Service
Managed service will include will built-in DDoS detection and mitigation services
IronKey, Tresys Team On Malware Cleansing Protection For USBs
Companies announce integration of IronKey's FIPS 140-2 Level 3 validated secure flash drives with Tresys' FiST (File Sanitization Tool)
CyberDefender Announces Final Results Of Offer To Warrant Holders
Company raises more than $2 million from proceeds received as a result of the exercise of warrants covering 1,838,952 shares of common stock
Motorola Introduces Wireless LAN Security Solution for Remote Wireless Security Testing
Wireless vulnerability assessment solution helps protect wireless networks from outside threats, reduces third-party consultation costs, and ensures regulatory compliance and reporting
Cyveillance Testing: Leading AV Vendors Not Keeping Pace with Influx of Malware and Phishing Attacks
More than half of active malware and phishing threats on the Internet continue to go undetected
Network Intercept Releases Keystroke Interference Tool
Interferes with both known and unknown keystroke logging malware present on the user's computer
Nominum Upgrades Intelligent DNS System
Lets service providers provide automatic protection to end users against a wide range of Internet threats as soon as they are discovered
Finjan a Permanent Injunction for Infringing Technology Found In McAfee Products
Injunctions and extended damages were granted on McAfee's Webwasher and TSP products
AppGate Launches Version 9.1 Of AppGate Security Server
New release feature chained authentication, new virtual appliance features
Webroot Names New President and CEO
Former IBMer Dick Williams takes the helm at Webroot
PandaLabs: 600% Rise In Users Hit By ID Theft Malware
Economic crisis, black market sales of credit card numbers, Paypal or Ebay accounts could be to blame
Rohati Systems Extends Security Solutions to Virtualized Data Centers and Clouds
Rohati extends its on-premise security solutions to virtualized servers and off-premise cloud environments, software-as-a-service
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
