[Blake]

NTA Monitor has put together a list of the top ten flaws that put a government or business entity at risk. This is following a business report by Verizon that the real threat is from outside the wall, which smashed many security professionals pre-conceived notions that the main threat was from inside. Though the face of exploits and compromises seems to be changing, the original rules stay the same. Patch, firewall, and monitor your systems. Here is the list, do you agree with them?

1. Internet Information Servers internet printing protocol is enabled
2. Open Secure Shell (SSH) buffer management flaw below version 3.7.1
3. Open Secure Socket Layer (SSL) certificate parsing vulnerability
4. Chunked Encoding Vulnerability in Apache
5. Apache mod_ssl Log Function Format String vulnerability
6. Apache mod_ssl CRL Handling Off-By-One Buffer Overflow
7. Berkeley Internet Name Domain version vulnerable to buffer overflow
8. Microsoft Exchange 2000 MS03-46 Heap Overflow
9. Vulnerabilities in mod_ssl
10. Sendmail Remote memory leak buffer overflows

READ MORE