Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
HP Study Finds Nearly 70 Percent of IT Professionals Experience Weekly Phishing Attacks
Six out of 10 attacks stem from malicious communication with the
command and control site
Belden Introduces Versatile New Industrial Router and Security Appliance
GarrettCom Magnum 10RX Features Designed to Benefit Power Utility and Transportation Industries
Trend Micro Adds VMware NSX Interoperability
New capabilities solidify position in cloud and data center security
Netskope and Box Team Up
Netskope gives IT a way to guide users to Box from unsanctioned apps, prevent data loss in Box across any endpoint, and ensure security for the OneCloud ecosystem
Security-as-a-Service Gets VMware Ready - vCloud Air Status
Company Brings Managed IDS and Log Management Capabilities to vCloud Air Customers
Bayshore Networks® Announces Major Release of SingleView
Bayshore’s management component now provides global management and access control for Pallaton™ policies and YARA rules.
Blue Coat Reveals Security Risks From "One-Day Wonders" Websites
Research Study finds 470 Million Websites Exist for Less Than 24 hours; 22 Percent Used to Facilitate Attacks
Qubitekk To Receive Federal Funding To Help Protect Nation's Power Grid From Cyber Attack
DOE provides $3 million grant for quantum encryption technology development.
Let the Hacking Begin: NYU Launches Largest Cyber Security Student Contests
Yahoo Chief Information Security Officer Alex Stamos to Keynote 11th
Annual NYU Polytechnic School of Engineering's Cyber Security Awareness Week Finals
Zumigo Raises $6M to Expand Secure Payments and eCommerce with Mobile Device Location and Identity Verification
Intel Capital Leads Series B Financing; Latest Funding to Expand Company’s Delivery and Development of Mobile Location Intelligence Solutions Uniquely Authenticating and Securing Mobile Commerce
Survey: Impact of Target Data Breach on Cybersecurity Budget, Executive Awareness Diminishing
Tripwire survey examines views of information security professionals at annual IT security conference
Lastline Secures $10 Million Funding Round
Funding from Dell Ventures, Presidio Ventures, Redpoint Ventures and eVentures to Extend the Lastline Advanced Malware Defense Platform, Security Team and Strategic Partnerships
Gartner Says Worldwide Information Security Spending Will Grow Almost 8 Percent in 2014 as Organizations Become More Threat-Aware
Analysts to discuss security trends at Gartner's 2014 Security and Risk Management Summits August 25-26 in Sydney, September 8-9 in London and September 15-16 in Dubai.
LogRhythm Launches Threat Intelligence Ecosystem and Related Security Analytics Suite to Detect High-Risk Cyber Threats
CrowdStrike, Norse, Symantec, ThreatStream and Webroot Join Industry’s First and Only Threat Intelligence Ecosystem
Lumeta Joins Amazon Web Services Marketplace
Lumeta ESI Real-Time Network Situational Awareness Now Available for AWS Subscribers
Report: 61% of enterprises not prepared for insider threats
Majority Do Not Believe They Are Adequately Prepared, Leaving Enterprises Vulnerable to Fraud, Data Breaches and IP Theft
New England’s Advanced Cyber Security Center and the Western Cyber Exchange Demonstrate Major Cybersecurity Advancement
Exchange demonstrated the possibility of a national and global network of organizations sharing cyber threat information.
vArmour Raises $36 Million to Protect the Data Defined Perimeter
Menlo Ventures, Columbus Nova Technology Partners And Citi Ventures Contribute Funds to Accelerate Development Of Disruptive Technology, Scale To Meet Global Demand
More than Half of Consumers Share Passwords Leading to Security Concerns
Research reveals consumers leaving back door open to hackers by signing up for automatic log in options.
Lumen21 Launches HITRUST “Compliant Cloud Computing” Solution
Secure Infrastructure-as-a-Service environment is fully compliant with Healthcare, Financial services, Retail and other industry regulations
GuardiCore Raises $11 Million for Data Center Security in Financing Round Led by Battery Ventures
Advanced, Scalable Network Security Protects Modern Data Centers from Cyber-attacks
The Mind of Hackers: 86% Don’t Believe They’ll Face Repercussions
Thycotic Black Hat 2014 Hacker Survey also finds 88% of hackers fear theft from other hackers
IBM Acquires Cloud Security Services Provider Lighthouse Security Group
Simplifies Identity Protection in the Age of Mobile, Social and Cloud
ICANN Approves Name Collision Occurrence Management Framework
Special IP Address (127.0.53.53) Alerts System Administrators of Potential Issue
Thoma Bravo to Make Significant Investment in SailPoint
SailPoint Poised for Continued Aggressive Growth
Porticor Enhances Microsoft SQL Server Encryption With Cloud Key Management Security For Complete Database Protection
Porticor virtual private data system leverages software-defined key management to eliminate complexities and risks found in traditional hardware encryption security modules
Pwnie Express Announces “Pwn Pulse” SaaS Security Assessment Solution
Solution Enterprise-class Offering Combines Pwnie Express Sensors with Central Management for Remote Location Intelligence
Survey: 80 Percent of IT Security Professionals Say They Can Detect a Data Breach on Critical Systems Within a Week
Tripwire survey examines views of information security professionals at annual IT security conference
New Visa Service to Help Gas Station Retailers Reduce Fraud at the Pump
Intelligent analytics help merchants identify fraud before it happens;
Fraud rate dropped more than 20 percent in pilot test
Vectra Networks Raises $25M to Empower Enterprises in Their Battle Against Cyber Attacks
Accel Partners Leads Series C Funding with Eric Wolford Joining the Vectra Board; Latest Financing Further Validates Vectra’s Unique Approach of Detecting and Prioritizing Cyber Attacks in Real Time
Whitebox Security’s New Version Accelerates Compliance & Data Governance
WhiteOPSTM increases management oversight, delivers 360O forensics, and provides “What If” analysis
BlackBerry Further Expands Security Credentials with New Government Approval for Multi-Platform Management
Secure Work Space for iOS and Android receives Security Technical Implementation Guide approval for the U.S. Department of Defense
SilverSky partners w/ CTC
Partnership with Leading IT Solutions Provider in Japan will drive global growth of SilverSky’s Managed Security Services
Oracle Customers Secure Critical Encryption Keys With Oracle Key Vault
New solution enables centralized management of Oracle Database encryption master keys, Oracle wallet files, Java KeyStores, and more.
Core Security Helps Customers Protect Critical Business Assets At Risk
Think Like An Attacker technology uses advanced analytics to identify and prioritize vulnerabilities for remediation.
6Scan Announces Automated Malware Quarantine for Websites
New protection works at the web application layer to respond
in real time to emerging malware threats
RiskIQ Provides X-Ray Visibility Into Security Threats Outside The Firewall
Platform automates global discovery, assessment and intelligence gathering to remediate malware planted in companies' websites and mobile apps.
Microsemi Continues its FPGA Security Leadership for Secure Boot
Significantly Increasing Security for Critical Communication, Industrial and Defense Applications, Patent Solution Provides Resistance to DPA Attacks
Digital Guardian Debuts at Black Hat Security Conference
Verdasys re-launches under company’s flagship product name, reflecting its focus on guarding data as the network perimeter dissolves and attacks from insiders and outsiders grow more sophisticated
OpenDNS Makes 3D Cyber-Attack Detection Technology Freely Available
OpenGraphiti Enables Security Researchers to Easily Analyze Massive Amounts of Data to Detect Patterns and Uncover Threats
Gillibrand Introduces New Cyber-Security Legislation After New 9/11 Commission Report Released Last Week Concluded A "9/10 Ability To Protect Against Cyber-Attacks"
New Cyber Information Sharing Tax Credit Would Incentivize Critical Infrastructure Businesses to Join Information-Sharing Organizations to Strengthen Their Cyber Security
Onapsis Research Labs releases six new critical security advisories for companies using SAP
Latest threats target key administration capabilities for SAP HANA and allow remote attackers to access restricted functionality to gain access to any organization’s secure information
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
