Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

Opinion 24 Oct 2025
Cybersecurity Awareness Month: The endpoint security issue

Device diversity and hybrid work models challenge IT teams. New research reveals the gap between managed endpoints and actual security coverage. Continue Reading
By
- Gabe Knuth, Principal Analyst
- Omdia
  Intelligence and advice powered by decades of global expertise and comprehensive coverage of the tech markets.
Opinion 21 Oct 2025
How single-vendor SASE can deliver better security results

SASE vendor deployment trends show gradual change, with single-vendor adoption rising from 2% in 2023 to 17% in 2025, according to research findings. Continue Reading
By
- John Grady, Principal Analyst

Definition 20 Oct 2025
What is an IP address (Internet Protocol address)?

An Internet Protocol (IP) address is a unique numerical identifier for every device or network that connects to the internet. Continue Reading
By
- Paul Kirvan
- Kinza Yasar, Technical Writer
Tip 16 Oct 2025
7 top deception technology vendors for active defense

Once reserved for the most mature organizations, cyber deception technology is picking up steam on the ground and in practice. Here are seven platforms for CISOs to consider. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Tip 26 Sep 2025
What to know about 5G security threats in the enterprise

Learn about key 5G security threats facing enterprises, plus practical defense strategies for CISOs. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Definition 18 Sep 2025
What is hardware security?

Hardware security is vulnerability protection that comes in the form of a physical device rather than software installed on a computer system's hardware. It also refers to the protection of physical systems from harm. Continue Reading
By
- Nick Barney, Technology Writer
- Kinza Yasar, Technical Writer
Tutorial 17 Sep 2025
How to use arp-scan to discover network hosts

An arp-scan delivers a fast, focused scan of an organization's local subnet. It is not fancy, but it's an easily controlled method to learn exactly what's connected. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 09 Sep 2025
What is crisis communication?

Crisis communication is a strategic approach to corresponding with people and organizations during a disruptive event. Continue Reading
By
- Paul Kirvan
- Rahul Awati
- Paul Crocetti, Editorial Director
Definition 03 Sep 2025
What is file integrity monitoring (FIM)?

File Integrity Monitoring (FIM) is a security process that continuously monitors and analyzes the integrity of an organization's assets by comparing them against a trusted baseline to detect unauthorized changes or suspicious activity. Continue Reading
By
- Kinza Yasar, Technical Writer
Definition 28 Aug 2025
What is network security? Definition and best practices

Network security encompasses all the steps taken to protect the integrity of a computer network and the data within it. Continue Reading
By
- Kinza Yasar, Technical Writer
- Nick Barney, Technology Writer
- Ben Lutkevich, Site Editor
Tutorial 27 Aug 2025
How to use Masscan for high-speed port scanning

Masscan delivers a quick assessment of open ports and listening services, but it helps to pair the utility with other scanning tools, such as Nmap. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tutorial 26 Aug 2025
How to use Netdiscover to map and troubleshoot networks

Read installation info, basic commands and practical applications for Netdiscover, an ARP-based tool that identifies live hosts, detects unauthorized devices and enhances security. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tutorial 19 Aug 2025
Use ssh-keygen to generate new key pairs: A full tutorial

Use ssh-keygen to create new key pairs, copy host keys, use a single login key pair for multiple hosts, retrieve key fingerprints and more. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tutorial 15 Aug 2025
SSH tunneling explained: A tutorial on SSH port forwarding

SSH tunneling creates secure encrypted connections through private and untrusted networks, enabling remote access, bypassing restrictions and protecting sensitive data transfers. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Feature 11 Aug 2025
How to use Nmap to scan ports: A complete tutorial

Nmap is a versatile open source security tool that scans ports to identify vulnerabilities, test firewall rules, inventory networks and troubleshoot connectivity issues. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 08 Aug 2025
How to prevent DoS attacks and what to do if they happen

The worst DoS attacks are like digital tsunamis that put critical business operations at risk. Learn how they work, ways to stop them and how systems can withstand the flood. Continue Reading
By
- Rob Shapland
Feature 08 Aug 2025
Experts weigh in on securing AI effectively

Using AI comes with security risks. Learn what the top attack vectors and privacy threats are, then discover how to mitigate them through proper strategy, monitoring and more. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
Definition 07 Aug 2025
What is COMSEC (communications security)?

Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred. Continue Reading
By
- Paul Kirvan
- Ben Cole, Executive Editor
Definition 07 Aug 2025
What is the Mitre ATT&CK framework?

The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
By
- Paul Kirvan
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
News 07 Aug 2025

U.S. still prioritizing zero-trust migration to limit hacks' damage

The zero-trust initiative, which gained steam during the Biden administration, is still underway. Continue Reading

— Cybersecurity Dive
Video 06 Aug 2025
An explanation of quantum cryptography

Quantum cryptography uses photons to transmit keys securely through quantum properties, creating an unhackable system that outperforms traditional math-based encryption methods. Continue Reading
By
- Sabrina Polin, Managing Editor
Video 05 Aug 2025
AI security: Top experts weigh in on the why and how

AI is everywhere, so security focus on this new technology is essential. In this podcast episode, three top security experts review the risks and discuss ways to mitigate them. Continue Reading
By
- Staff report
Definition 05 Aug 2025
What is IoT security?

IoT security is the technology segment focused on safeguarding connected devices and networks in the internet of things. Continue Reading
By
- Paul Kirvan
- Kinza Yasar, Technical Writer
- Sharon Shea, Executive Editor
Answer 30 Jul 2025
The differences between inbound and outbound firewall rules

Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses. Continue Reading
By
- Michael Cobb
- Kevin Beaver, Principle Logic, LLC
Tip 28 Jul 2025
How mobile firewalls protect against enterprise threats

Firewalls are an essential part of network security. As more employees use mobile devices for work, mobile firewalls are an increasingly vital security tool for organizations. Continue Reading
By
- Reda Chouffani, Biz Technology Solutions
Definition 28 Jul 2025
What is a content delivery network?

A content delivery network (CDN), also called a content distribution network, is a group of geographically distributed and interconnected servers. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Kinza Yasar, Technical Writer
Tip 25 Jul 2025
How to discover and manage shadow APIs

Connecting applications, especially if external-facing, with unapproved APIs is a recipe for disaster. Detecting and managing shadow APIs is vital to keeping the company secure. Continue Reading
By
- Dave Shackleford, Voodoo Security
Video 22 Jul 2025
An explanation of firewall types and uses

Firewalls protect networks by stopping malware at the perimeter. The various types can be deployed with other security measures but can also be used unethically to prohibit access. Continue Reading
By
- Sabrina Polin, Managing Editor
Tip 15 Jul 2025
What is cybersecurity mesh? Key applications and benefits

Is it time to consider a different approach to security architecture? Cybersecurity mesh might be an effective way to address complex, distributed environments. Continue Reading
By
- Ed Moyle, SecurityCurve
Definition 08 Jul 2025
What is the domain name system (DNS)?

The domain name system (DNS) is a naming database in which internet domain names are located and translated into Internet Protocol (IP) addresses. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Ben Lutkevich, Site Editor
- John Burke, Nemertes Research
Feature 08 Jul 2025
How to implement zero trust: 7 expert steps

Zero trust means a lot more than determining how users access resources. Successful implementation takes time, commitment and ongoing support. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
- Alissa Irei, Senior Site Editor
Feature 07 Jul 2025
What is the future of cybersecurity?

As cyberthreats grow more sophisticated, enterprises face mounting challenges. What does the future of cybersecurity hold, and how can organizations stay ahead? Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Definition 02 Jul 2025
What is a message authentication code (MAC)? How it works and best practices

A message authentication code (MAC) is a cryptographic checksum applied to a message to guarantee its integrity and authenticity. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Robert Sheldon
Definition 02 Jul 2025
What is SIEM (security information and event management)?

SIEM (security information and event management) is software that helps organizations detect, analyze, and respond to security threats by collecting and correlating security event data from across the IT environment in real time. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
Tip 02 Jul 2025
How to build a cybersecurity strategy and plan in 4 steps

A cybersecurity strategy isn't meant to be perfect, but this high-level plan must be proactive, effective, actively supported and evolving. Here are four key steps to get there. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Definition 30 Jun 2025
What is the ISO 31000 Risk Management standard?

The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Brien Posey
Video 30 Jun 2025
Ransomware: Examples, prevention and mitigating the damage

Top cybersecurity experts gathered to discuss the latest threats from ransomware and how organizations, large and small, can prevent or, at least, mitigate an attack. Continue Reading
By
- Staff report
Tip 27 Jun 2025
Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Tip 25 Jun 2025
10 remote work cybersecurity risks and how to prevent them

Larger attack surfaces, limited oversight of data use, AI-driven attacks and vulnerable enterprise technologies are among the security risks faced in remote work environments. Continue Reading
By
- Mary K. Pratt
Tip 24 Jun 2025
Cybersecurity governance: A guide for businesses to follow

Cybersecurity governance is now critical, with NIST CSF 2.0 recently adding it as a dedicated function. Learn why governance is core to an effective cyber strategy. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Definition 23 Jun 2025
What is a SYN flood DoS attack?

A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. This exploit is also known as a 'half-open attack.' Continue Reading
By
- Scott Robinson, New Era Technology
- Ben Lutkevich, Site Editor
Tip 23 Jun 2025
How to choose a cybersecurity vendor: 12 key criteria

Choosing a cybersecurity vendor entails a two-phase approach: shortlisting vendors using clear requirements, then conducting thorough evaluations based on key criteria. Here's how. Continue Reading
By
- Leah Zitter, Ph.D.
Definition 20 Jun 2025
What is perfect forward secrecy (PFS)?

Perfect forward secrecy (PFS), also known as forward secrecy, is an encryption style known for producing temporary private key exchanges between clients and servers. Continue Reading
By
- Gavin Wright
- Sarah Lewis
Definition 18 Jun 2025
What is an advanced persistent threat (APT)?

An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
- Linda Rosencrance
Opinion 16 Jun 2025
Zscaler delivers network, data security tools at Zenith Live

Zscaler has expanded beyond ZTNA with three strategic pillars and aims to challenge traditional security infrastructure. Continue Reading
By
- John Grady, Principal Analyst
- Omdia
  Intelligence and advice powered by decades of global expertise and comprehensive coverage of the tech markets.
News 11 Jun 2025
Cisco Isovalent Load Balancer takes aim at Broadcom's VMware

The new product promises to simplify disparate network traffic across cloud, hybrid and on-premises workloads. Continue Reading
By
- Shane Snider, Senior News Writer
Definition 11 Jun 2025
What is ransomware as a service (RaaS)?

Ransomware as a service (RaaS) is a subscription-based business model that enables threat actors, also called affiliates, to launch ransomware attacks by accessing and using predeveloped ransomware tools. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
- Sean Michael Kerner
Feature 06 Jun 2025
How to choose and set up a mobile VPN for an Android phone

A tailored approach to network security is crucial when managing smartphones in the enterprise. IT teams should consider Android VPN options for their organization. Continue Reading
By
- Robert Sheldon
Definition 05 Jun 2025
What is the WannaCry ransomware attack?

WannaCry ransomware is a cyberattack that spread by exploiting vulnerabilities in earlier and unpatched versions of the Windows operating system (OS). Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
Definition 02 Jun 2025
What is a next-generation firewall (NGFW)?

A next-generation firewall (NGFW) is a network security device that combines traditional firewall capabilities with advanced features to detect and block sophisticated cyberattacks. Continue Reading
By
- Casey Clark, TechTarget
- Sharon Shea, Executive Editor
Feature 29 May 2025
How to choose and set up a mobile VPN for an iPhone

Many users perform work tasks on their iPhones, relying on mobile VPNs to securely access corporate resources. Learn about VPN options for iPhones and how to set up these systems. Continue Reading
By
- Robert Sheldon
Definition 28 May 2025
What is double extortion ransomware? How to defend your organization

Double extortion ransomware is a type of cyberattack that encrypts a victim's data, like in a traditional ransomware attack, while also adding a second attack vector of stealing that data. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Sean Michael Kerner
Tip 20 May 2025
How to create a remote access policy, with template

Remote work, while beneficial, presents numerous security risks. Help keep your organization's systems safe with a remote access policy. Continue Reading
By
- Paul Kirvan
Definition 19 May 2025
What is a firewall and why do I need one?

A firewall is a network security device that prevents unauthorized access to a network by inspecting incoming and outgoing traffic using a set of predetermined security rules. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
Answer 13 May 2025
How can an enterprise mobile VPN fit into a mobility plan?

Organizations that need to secure mobile users and provide remote access to corporate resources should consider an on-premises or cloud-hosted mobile VPN. Continue Reading
By
- Brien Posey
- Robert Sheldon
Opinion 07 May 2025
Key network security takeaways from RSAC 2025

Themes on display at the conference reflected the cybersecurity industry's effort to streamline security operations, while adapting to emerging technologies and threats. Continue Reading
By
- John Grady, Principal Analyst
Tutorial 07 May 2025
How to use arpwatch to monitor network changes

The arpwatch utility flags administrators in the event of any unexpected changes or unauthorized devices, which could signal ARP spoofing or credential-harvesting attacks. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 23 Apr 2025
What is ransomware? Definition and complete guide

Ransomware is malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
Definition 21 Apr 2025
What is a mobile VPN?

A mobile virtual private network (mobile VPN) is a type of VPN specifically designed to maintain a stable and secure connection while a user moves across different networks. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Tip 15 Apr 2025
How to ensure OT secure remote access and prevent attacks

OT systems face threats from attackers targeting their remote access capabilities. Segmenting networks is one important step. Learn other ways to safeguard your OT systems. Continue Reading
By
- Amanda Scheldt
Tip 04 Apr 2025
IPsec vs. SSL VPNs: What are the differences?

New technologies get all the headlines, but VPNs aren't going away anytime soon. Speed and security are among the factors to consider when determining what type of VPN to use. Continue Reading
By
- John Burke, Nemertes Research
Opinion 03 Apr 2025
Palo Alto Networks pushes platformization, AI for security

At Ignite in New York, the vendor laid out plans to use AI and platformization to consolidate cybersecurity tools and data to combat increasingly sophisticated attacks. Continue Reading
By
- John Grady, Principal Analyst
- Omdia
  Intelligence and advice powered by decades of global expertise and comprehensive coverage of the tech markets.
Definition 02 Apr 2025
What is a uniform resource identifier (URI)?

A uniform resource identifier (URI) is a character sequence that identifies a logical (abstract) or physical resource -- usually, but not always, connected to the internet. Continue Reading
By
- Rahul Awati
- Fred Churchville, TechTarget
Tip 31 Mar 2025
How to prevent a data breach: 11 best practices and tactics

When it comes to data breach prevention, the stakes are high. While it's impossible to eliminate the risk, organizations can minimize it by following these best practices. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 26 Mar 2025
What is a web application firewall (WAF)? WAF explained

A web application firewall (WAF) is a firewall that is meant to protect web applications against common web-based threats. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
Definition 21 Mar 2025
What is network topology?

A network topology is the physical and logical arrangement of nodes and connections in a network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Tom Nolle, Andover Intel
Tip 17 Mar 2025
How to avoid and prevent social engineering attacks

Organizations and employees must both do their part to prevent and avoid social engineering attacks. A combination of security controls, policies, procedures and training is necessary. Continue Reading
By
- Paul Kirvan
Tip 07 Mar 2025
Top 14 open source penetration testing tools

From Aircrack-ng to ZAP, these open source penetration testing tools are essential additions to any security pro's toolbox. Continue Reading
By
- Ed Moyle, SecurityCurve
Definition 06 Mar 2025
What is promiscuous mode in networking?

In computer networking, promiscuous mode is a mode of operation in which a network device, such as a network interface card (NIC) or an adapter on a host system, can intercept and read in its entirety each network packet that arrives instead of just the packets addressed to the host. Continue Reading
By
- Rahul Awati
Tip 04 Mar 2025
Types of DNS servers and how they work, plus security threats

DNS security is a critical component of system administration. Learn about five types of DNS servers, what each does and the security threats each server faces. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 28 Feb 2025
What is FCAPS (fault, configuration, accounting, performance and security)?

FCAPS (fault, configuration, accounting, performance and security) is a network management framework and model created by the International Organization for Standardization (ISO). Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Andrew Zola
News 27 Feb 2025
FBI: Lazarus Group behind $1.5 billion Bybit heist

Researchers say the heist, in which North Korean state-sponsored hackers stole funds from a cold wallet, is the biggest theft in the history of the cryptocurrency industry. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
Definition 27 Feb 2025
What is a DMZ in networking?

In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet. DMZs are also known as perimeter networks or screened subnetworks. Continue Reading
By
- Nick Barney, Technology Writer
- Ben Lutkevich, Site Editor
News 27 Feb 2025
CrowdStrike: China hacking has reached 'inflection point'

In its 2025 Global Threat Report, CrowdStrike observed an increase in China's cyber capabilities, with a focus on espionage and 'pre-positioning' itself in critical environments. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
Definition 27 Feb 2025
What is federated identity management (FIM)? How does it work?

Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Rahul Awati
- Linda Rosencrance
News 26 Feb 2025
NCC Group tracks alarming ransomware surge in January

NCC Group found ransomware activity in January surpassed previous monthly highs with 590 attacks, as one notorious gang experienced a notable resurgence. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 25 Feb 2025
Dragos: Ransomware attacks against industrial orgs up 87%

Ransomware attacks continue to be a major pain point for industrial organizations, as the sector has historically struggled with vulnerability management. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
News 21 Feb 2025
Palo Alto Networks vulnerabilities exploited in chained attack

The cybersecurity vendor urges customers to take immediate action to mitigate recently disclosed vulnerabilities that are being actively exploited in the wild. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
Definition 20 Feb 2025
What is TLS (Transport Layer Security)? Definition & Uses

Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications. Continue Reading
By
- Scott Robinson, New Era Technology
- Andrew Froehlich, West Gate Networks
- Kevin Beaver, Principle Logic, LLC
Tip 20 Feb 2025
Penetration testing vs. vulnerability scanning: What's the difference?

Confused by the distinctions between penetration testing and vulnerability scanning? You're not alone. Learn the key differences between the two and when to use each. Continue Reading
By
- Kyle Johnson, Technology Editor
- Andrew Froehlich, West Gate Networks
Definition 19 Feb 2025
What is an attack vector?

An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server to deliver a payload or malicious outcome. Continue Reading
By
- Scott Robinson, New Era Technology
- Mary E. Shacklett, Transworld Data
News 18 Feb 2025
Palo Alto Networks PAN-OS vulnerability exploited in the wild

Palo Alto Networks says threat actors used a publicly available PoC exploit in attack attempts against firewall customers with PAN-OS management interfaces exposed to the internet. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
Definition 18 Feb 2025
What is the Nessus vulnerability scanning platform?

Nessus is a platform developed by Tenable that scans for security vulnerabilities in devices, applications, operating systems, cloud services and other network resources. Continue Reading
By
- Rahul Awati
News 13 Feb 2025
Salt Typhoon compromises telecom providers' Cisco devices

Salt Typhoon's latest campaign exploits older vulnerabilities in Cisco edge devices to gain access to the networks of several telecom companies, including two based in the U.S. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
Definition 13 Feb 2025
What is a denial-of-service attack?

A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for legitimate users to access computer systems, networks, services or other IT resources. Continue Reading
By
- Scott Robinson, New Era Technology
- Kevin Ferguson
- Peter Loshin, Former Senior Technology Editor
Definition 12 Feb 2025
What is cyber hijacking?

Cyber hijacking, or computer hijacking, is a type of network security attack in which the threat actor takes control of computer systems, software programs and network communications. Continue Reading
By
- Scott Robinson, New Era Technology
Definition 11 Feb 2025
What is a honeypot? How it protects against cyberattacks

A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to help organizations detect, deflect and study hacking attempts to gain unauthorized access to IT. Continue Reading
By
- Scott Robinson, New Era Technology
- Ben Lutkevich, Site Editor
- Casey Clark, TechTarget
Tutorial 11 Feb 2025
How to use pfSense: Use cases and initial configurations

Open source firewall and routing software pfSense offers a compelling mix of capabilities that can work for organizations large and small. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 11 Feb 2025
What is the RSA algorithm?

The RSA algorithm (Rivest-Shamir-Adleman) is a public key cryptosystem that uses a pair of keys for securing digital communication and transactions over insecure networks, such as the internet. Continue Reading
By
- Kinza Yasar, Technical Writer
- Michael Cobb
Definition 10 Feb 2025
What is ISO 27001?

ISO 27001, formally known as ISO/IEC 27001:2022, is an information security standard jointly created by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). Continue Reading
By
- Paul Kirvan
- Katie Terrell Hanna
News 07 Feb 2025
Ransomware hits healthcare, critical services in January

Ransomware attacks against healthcare organizations in January reflect an increasing need for threat actors to adapt and get aggressive as defenders improve. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
News 05 Feb 2025
Zyxel won't patch end-of-life routers against zero-day attacks

Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
News 05 Feb 2025
Chainalysis records 35% decrease in ransom payments in 2024

While the first half of 2024 was on pace to surpass 2023's record-setting numbers, Chainalysis found that the volume of ransom payments dropped in the second half of the year. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 04 Feb 2025
WatchTowr warns abandoned S3 buckets pose supply chain risk

WatchTowr researchers found that they could reregister abandoned Amazon S3 buckets and detail alarming ways that threat actors could exploit the attack surface. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 03 Feb 2025
NSFocus: DeepSeek AI hit with 'well planned' DDoS attacks

Cybersecurity vendor NSFocus said AI startup DeepSeek endured multiple waves of DDoS attacks from attackers since its reasoning model was released Jan. 20. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
News 24 Jan 2025
DOJ indicts 5 individuals in North Korea IT worker scam

An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 23 Jan 2025
Zero-day vulnerability in SonicWall SMA series under attack

SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 23 Jan 2025
Eclypsium finds security issues in Palo Alto Networks NGFWs

Eclypsium researchers stressed how essential supply chain security is as threat actors increasingly target and exploit vulnerabilities in firewalls, VPNs and other edge devices. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 21 Jan 2025
Threat actors abusing Microsoft Teams in ransomware attacks

Sophos researchers observed two separate threat campaigns in which attackers used Microsoft Teams to pose as IT support personnel and gain access to victims' systems. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 17 Jan 2025
Treasury Department sanctions company tied to Salt Typhoon

The sanctions were in response to significant cyberattacks by Chinese nation-state threat groups against the U.S. government and critical infrastructure in recent months. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading
News 16 Jan 2025
Threat actor publishes data of 15K hacked FortiGate firewalls

Although the threat actor published the alleged stolen Fortinet FortiGate firewall data this week, the data is apparently tied to older zero-day exploitation from 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer, Dark Reading
News 16 Jan 2025
ESET details UEFI Secure Boot bypass vulnerability

ESET researchers last year discovered an unsigned binary in a third-party UEFI application that could have been abused to bypass the Secure Boot process. Continue Reading
By
- Arielle Waldman, Features Writer, Dark Reading