Vulnerability management can feel like an endless climb.
Learn how to focus your efforts, prove the value of your program, and gain trust, budget, and recognition in 4 doable steps.
Penetration Testing has been around for years, but many organizations are missing the mark when it comes to utilizing this security powerhouse. While they understand the need for a penetration test, organizations are challenged with understanding the right level of risk assessment for the organization, the ROI...
Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited resources too thin can quickly lead to inefficiency and burnout. Don't waste precious time remediating vulnerabilities that pose little to no risk.
With risk-based vulnerability management, you'll know exactly which...
To battle against a surge in cybercrime during the COVID-19 pandemic, enterprises need to take several steps, including periodic vulnerability and risk assessment tests and regular audits, says Rajan Pant, founder of IT-SERT of Nepal. Pant also is calling on the government to take action.
The average enterprise has thousands, if not millions, of vulnerabilities. How can you know which are most likely to be exploited - and which pose the biggest risk?
Traditional vulnerability management tools can't answer these questions. A risk-based approach is needed. Read the whitepaper to see how Predictive...
The main methods that organizations use to verify that their systems and data are protected, are vulnerability scans and penetration tests. However, these do not provide a continuous and complete evaluation of an organization's security posture; especially when it comes to more sophisticated, multi-vector...
How much do you know about the supply chain that takes a vulnerability and turns it into an exploit?
In this new report, Tenable Research explores the lifecycle of exploits - from discovery to utilization in a breach. Their analysis of cybercrime economics will help you better protect your organization.
Read the...
The government of India is testing a new instant messaging service for government officials to help ensure the confidentiality of official communications and prevent the leaking of sensitive information.
Iowa prosecutors have dropped all charges against two penetration testers who were contracted to test the electronic and physical security of three judicial facilities, only to be arrested for trespassing. The case highlights how a lack of communication before penetration tests can have serious consequences.
How much do you know about the supply chain that takes a vulnerability and turns it into an exploit?
In this new report, Tenable Research explores the lifecycle of exploits - from discovery to utilization in a breach. Their analysis of cybercrime economics will help you better protect your organization. Read the...
Mitsubishi Electric says hackers exploited a zero-day vulnerability in its anti-virus software, prior to the vendor patching the flaw, and potentially stole trade secrets and employee data. The Japanese multinational firm announced the breach more than six months after detecting it in June 2019.
Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers, and it's issued mitigation guidance. Security firm Qihoo 360 says the zero-day flaw has been exploited by the DarkHotel APT gang.
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
Complex, manual processes and disparate, disconnected tools make it difficult for security and IT teams to mount a cohesive response. Bryce Schroeder of ServiceNow discusses a more effective approach to vulnerability response.
The DHS says the defacement of a U.S. government website over the weekend is not linked to Iranian state-sponsored actors. Attackers posted a pro-Iran message with a photo of President Donald Trump being punched in the face. The website, belonging to the Federal Depository Library Program, is now offline.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
