Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
|
McAfee Report Uncovers Ransomware Resurgence
McAfee Labs sees 504 new threats per minute in Q1 2019; data breaches facilitate attacks on large organizations; majority of targeted attacks bet on victims' unwitting compliance.
Business Losses to Cybercrime Data Breaches to Exceed $5 trillion by 2024
Cybersecurity Breaches to Increase Nearly 70% Over the Next 5 years
Survey: SMBs Continue to Struggle with IT Security
SMBs cite budget constraints, paired with a lack of time and personnel to research new security threats, among the reasons.
Space ISAC and National Cybersecurity Center Announce MITRE Will Be an ISAC Founding Member
New Information Sharing and Analysis Center Adds New Founding Member to Board
Cyberbit & Purdue Partner to Advance Cybersecurity Workforce Education & Training
Cyberbit's cyberattack simulation platform will be used to enhance the skills of career professionals.
Federal Grand Jury Indicts 80 Defendants in International BEC Scams
Defendants are charged with various online frauds including business email compromise, money laundering, romance scams, and schemes targeting the elderly.
Veracode Releases Advanced Software Composition Analysis Solution Decreasing Open Source Risk
Cloud-based solution helps developers prioritize and remediate open source vulnerabilities quickly within DevSecOps environments.
Remediant Secures $15 Million in Series A Funding Round Co-led By Dell Technologies Capital and ForgePoint Capital
Remediant’s SecureONE solution addresses major industry need for more effective Privileged Access Management
JASK Integrates with Cisco Security Portfolio, Joins Cisco Security Technical Alliance
JASK’s cloud-native SIEM now integrates with Cisco ASA, Umbrella and AMP4EP.
Morphisec Announces 2019 Women in Cybersecurity Scholarship Winners
Scholarships Awarded to Three Female Students to Encourage Young Women Poised To Enter The Cybersecurity Field Globally
OwnBackup Appoints Adrian Kunzle as Head of Product & Strategy
Cloud-to-cloud backup innovator adds Salesforce veteran.
ZeroFOX Launches Election Protection Package
AI-powered solution provides continuous protection across digital and social media channels; safeguards candidates, campaigns, and political organizations from threats targeting elections and election-related activities
Global Cyber Alliance Launches Cybersecurity Development Platform for Internet of Things (IoT) Devices
New AIDE Platform Enables IoT Device Manufacturers to Test Security, Identify and Mitigate Global Attack Risks, and Identify Vulnerabilities
Deloitte and Splunk Provide Automated Security Monitoring and Response Capabilities to Organizations Worldwide
Capability is designed to enable clients to more effectively detect, defend and respond to critical cyber threats
Microsoft, Imprivata Launch Cloud Access Security Tool for Healthcare
Imprivata Identity Governance enables customers to manage the provisioning, tracking, and deprovisioning of users in hybrid on-premises and cloud environments.
70% of Financial Companies Suffered a Cybersecurity Incident in the Past 12 Months
Nearly half originated from employees failing to follow security protocol or data protection policies, according to Clearswift.
Code42's Data Loss Detection and Response Capabilities Spot Data Theft When Employees Quit
Integrates with IBM Resilient to speed incident response to data loss, leak, and theft.
New Cyber Research Records a 91% Reduction in Dwell Time for Users of Deception Technology
70% of Users Highly Familiar with Deception Technology Report a High Confidence for Detecting In-Network Threat
McAfee to Acquire NanoSec to Enhance Capabilities in Cloud Security
NanoSec's multi-cloud, zero-trust application visibility and security platform further extend McAfee's cloud access security broker (CASB) and cloud workload protection platform (CWPP) capabilities.
ZeroFOX Expands AI Capabilities to Detect Deepfakes
New video analysis features analyze content and identify risks.
Capsule8 Adds Significant Funding from Intel Capital
Strategic investment to fuel expansion of Capsule8's go-to-market efforts.
Censys To Unveil Attack Surface Visibility Platform at Black Hat
Enterprise-level attack surface management software platform provides automatic attack surface monitoring and real-time alerts.
QOMPLX Launches Identity Assurance 2.1 For Active Directory Monitoring And Security
Module can quickly detect a Kerberos-based attack.
SiteLock Announces Solution to Automatically Remove Malware & Spam from Website Databases
New enhancements to SMART Database extend support across WordPress, Joomla!, and any other web application that uses a MySQL database.
Bugcrowd Announces Platform-Enabled Cybersecurity Assessments for Marketplaces
Bugcrowd for Secure Marketplaces enables bulk adoption of crowdsourced security for marketplace and app store owners.
Bugcrowd Establishes Standard for Crowdsourced Security Workflow Management
New standardized workflows, advanced reporting, and enhanced skills matching help operationalize true security intelligence.
CrowdStrike Introduces CrowdScore Real-Time Threat-Monitoring Metric
Score helps security leaders understand the real-time state of the threat inside their organizations.
Arctic Wolf Introduces Arctic Wolf Agent for Endpoint Protection
Tool provides telemetry to understand the status of endpoints including asset information, operational metrics, and key behavioral insight from vulnerability scans.
Irdeto Unveils Mobile App Protection Service
Zero-touch mobile app protection service with machine learning empowers developers to focus on time-to-market and business logic.
Evolve Security Opens NSA'S GenCyber Cypersecurity Camp for Girl Scouts
National Security Agency's program introduces girls to cybersecurity.
Digital Guardian Releases Free Forensic Tool
DG Wingman can instantly extract key forensic artifacts, such as the Master File Table ($MFT), Windows registry, and Windows event logs for further analysis.
Everbridge Announces Acquisition of NC4
Acquisition creates the industry's only end-to-end critical event management and threat assessment platform to keep people safe and business operations running.
FireEye Expands Cloud Server Protection and Investigation Capabilities
New versions of FireEye Network and Endpoint Security work together to enhance detection and investigation capabilities, protecting cloud, on-premise, and hybrid deployments against emerging attacks
Capsule8 Announces New Investigations Capability for Securing Linux Production Networks
Capsule8 Protect now solves production security’s data warehousing problem
Zerto Research Highlights Business Need for IT Resilience Planning
Perception gap among IT and business decision makers contributing to lack of IT Resilience maturity.
|
The 10 Most Impactful Types of Vulnerabilities for Enterprises TodayManaging system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
