Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Survey Shows a Security Conundrum
Newest First  |  Oldest First  |  Threaded View
kalexandra
kalexandra,
User Rank: Author
5/8/2019 | 3:45:46 PM
Re: My survey
Users will continue to be the weakest link, which is why doing the top 5 security initiatives will significantly reduce the attack surface in a measurable mannor.
Dr.T
Dr.T,
User Rank: Ninja
4/28/2019 | 3:59:55 PM
Re: My survey
Its important to stress, as you stated, there is no silver bullet. This makes sense. It has to be layered security model to minimize the risks.
Dr.T
Dr.T,
User Rank: Ninja
4/28/2019 | 3:58:24 PM
Re: My survey
Now Malwarebytes is decent but not foolproof, ever and Crowdstrike, Splunk and Carbon Black are acceptable defense walls. That makes sense. These tools may help however when it comes user behavior even those are bypassed in certain cases.
Dr.T
Dr.T,
User Rank: Ninja
4/28/2019 | 3:56:06 PM
Re: My survey
Antivirus doesn't do it, never really has and has only gotten worse. I agree. Attacks are more sophisticated that AV is not capable of catching, so becoming more irrelevant.
Dr.T
Dr.T,
User Rank: Ninja
4/28/2019 | 3:54:18 PM
Re: My survey
End users ARE the cause of almost all problens with phishing still the primary attack and infection entry. That makes sense. We just need to provide better tools so risks coming from employees behaviors are minimized.
Dr.T
Dr.T,
User Rank: Ninja
4/28/2019 | 3:52:52 PM
Employees
found that 85% rely heavily on employees as part of their defense This makes sense as we know employees are the weakest link in the security model.
RyanSepe
RyanSepe,
User Rank: Ninja
4/26/2019 | 9:35:24 AM
Re: My survey
This sentiment needs to be echoed. I always stress actionable intelligence through the reduction of alert fatigue. If you have a proficient security team, you can make optimizations towards automated your toolsets based on the comprehension of the environment. Your forementioned toolsets are viable. But funneling them into a single pane of glass is ideal (SIEM). 

Its important to stress, as you stated, there is no silver bullet. But you need to maximize your Security workforce by maximiing your actionable intelligence. It is grueling work that takes its toll. So its important to do some work upfront to preserve this workforce while preserving an acceptable security posture.
REISEN1955
REISEN1955,
User Rank: Ninja
4/24/2019 | 2:16:27 PM
My survey
I have "complete confidence" in nothing, not 100% ever.  Nothing is comprehensive.  End users ARE the cause of almost all problens with phishing still the primary attack and infection entry.  They still open emails and click on links.  Antivirus doesn't do it, never really has and has only gotten worse.  Now Malwarebytes is decent but not foolproof, ever and Crowdstrike, Splunk and Carbon Black are acceptable defense walls.  You need good security staff with knowledge and ability too.  You have to respond fast and faster.  And your security staff NEEDS a rest from it all too - it is demanding work and soul-breaking in many ways.  The days of Peter Norton are long gone.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Promise and Reality of Cloud Security
Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises address the associated security risks. This report - a compilation of cutting-edge Black Hat research, in-depth Omdia analysis, and comprehensive Dark Reading reporting - explores how cloud security is rapidly evolving.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-0658
PUBLISHED: 2023-02-03
A vulnerability, which was classified as critical, was found in Multilaser RE057 and RE170 2.1/2.2. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The ide...
CVE-2022-38389
PUBLISHED: 2023-02-03
IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975.
CVE-2022-22486
PUBLISHED: 2023-02-03
IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328.
CVE-2023-0634
PUBLISHED: 2023-02-02
An uncontrolled process operation was found in the newgrp command provided by the shadow-utils package. This issue could cause the execution of arbitrary code provided by a user when running the newgrp command.
CVE-2022-48114
PUBLISHED: 2023-02-02
RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable.