Security Threats and Vulnerabilities Management

Security Threats and Vulnerabilities Management News

October 26, 2010 26 Oct'10
SecTor 2010: Researchers demonstrate malware samples used in targeted attacks

Security researchers from Trustwave's Spiderlabs research team demonstrated malware,--including a Windows credential stealer--that uses automated processes to avoid detection and dupe forensics investigators.
October 14, 2010 14 Oct'10
Microsoft releases free regular expression patterns fuzzing tool

SDL RegEx Fuzzer examines regular expression patterns and whether they can be exploited causing a denial-of-service (DoS) attack.
October 13, 2010 13 Oct'10
Midmarket financial firms grapple with internal, external security threats

In the wake of the global economic crisis, many financial firms are struggling to meet tough regulations while defending against both accidental data leakage and a constant barrage of external attacks.
June 29, 2010 29 Jun'10
McAfee launches SaaS antimalware, Web filtering service

McAfee fully integrates its acquisition of MX Logic, rolling out a cloud-based antimalware Web filtering service aimed primarily at small- and mid-sized -businesses.

Bring yourself up to speed with our introductory content

network scanning

Network scanning is a procedure for identifying active devices on a network by employing a feature or features in the network protocol to signal devices and await a response. Continue Reading
malware (malicious software)

Malware, or malicious software, is any program or file that is harmful to a computer user. Continue Reading
endpoint security (endpoint security management)

Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Midmarket security tutorials

SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge ... Continue Reading
Outsourcing data center services: SMB security best practices

Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services. Continue Reading
Considering two-factor authentication? Do cost, risk analysis

One-time passwords and other technologies are effective protection, but midmarket companies have to consider the expense and management overhead. Continue Reading

Learn to apply best practices and optimize your operations.

Unix SSH example configurations that boost Unix security

Using a Secure Shell (SSH) is a better way to manage Unix servers than command-line access or Telnet, and expert Joel Snyder details three simple modifications you can make in SSH to make your servers more secure. Continue Reading
How to use an edge firewall for network bandwidth management

These five tips will help your organization apply quality-of-service controls on a network perimeter firewall. Continue Reading
Buffer overflow prevention: Add apps to Microsoft EMET with command line configuration

Adding vulnerable applications to the Microsoft Enhanced Mitigation Experience Toolkit is simple once you've mastered the command line configuration tool. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Learn how to utilize a free spam-filtering service for your SMB

Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise. Continue Reading
A step-by-step SMB IT security risk assessment process

Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process. Continue Reading
Three pen test tools for free penetration testing

Nmap, Nessus and Nikto are penetration testing tools that security operators can use to conduct pentests on their networks and applications. Continue Reading