Network Intrusion Prevention (IPS)
Top Stories
-
Quiz
28 Jul 2020
IDS/IPS quiz: Intrusion detection and prevention systems
Want a baseline of your intrusion detection and prevention system knowledge? Test your insights with this IDS/IPS quiz. Continue Reading
-
Answer
19 Dec 2019
Host IDS vs. network IDS: Which is better?
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective enterprise security. Continue Reading
-
Answer
22 Nov 2021
What are the most important email security protocols?
Email was designed without security considerations, but these top email security protocols add mechanisms to keep messaging safe from threats. Continue Reading
-
News
19 Nov 2021
Cybercriminals discuss new business model for zero-day exploits
Digital Shadows observed increased chatter on dark web forums about the possible emergence of a new business model that would rent out zero-day exploits as a service. Continue Reading
-
News
19 Nov 2021
How enterprises need to prepare for 'cyberwar' conflicts
Infosec expert Tarah Wheeler said increasing international conflicts are posing new compliance and regulatory standards, but adapting the changes may be difficult for enterprises. Continue Reading
-
News
18 Nov 2021
CISA, Microsoft warn of rise in cyber attacks from Iran
CISA and Microsoft this week issued alerts about increased threat activity Iranian nation-state hacking groups, including ransomware attacks on enterprises. Continue Reading
-
News
18 Nov 2021
New side channel attack resurrects DNS poisoning threat
A new side channel attack would potentially allow attackers to poison DNS servers and reroute traffic to malicious sites. Continue Reading
-
News
17 Nov 2021
Malwarebytes slams Apple for inconsistent patching
At the center of the Apple criticism is an exploit chain that utilized two vulnerabilities -- one of which was only patched in macOS Big Sur for several months. Continue Reading
-
Podcast
17 Nov 2021
Risk & Repeat: Are ransomware busts having an effect?
International law enforcement agencies this year have stepped up efforts to address the ransomware threat with arrests, indictments and multimillion-dollar rewards. Continue Reading
-
Guest Post
16 Nov 2021
How to create security metrics business leaders care about
Security metrics must be clear, actionable and resonate with business leadership. Learn how to create metrics that business leaders care about and will act upon. Continue Reading
-
Guest Post
16 Nov 2021
3 ways to balance app innovation with app security
New innovations come with an onslaught of risks and vulnerabilities. Use these three concepts to promote innovation, while ensuring web application security. Continue Reading
-
News
15 Nov 2021
Microsoft releases out-of-band update for Windows Server
Less than a week after November's Patch Tuesday, Microsoft released an unscheduled security update for Windows Server to address an authentication vulnerability. Continue Reading
-
News
15 Nov 2021
FBI email system compromised to issue fake alerts
An unknown threat actor sent emails warning of a supply chain attack through an FBI portal used by law enforcement agencies to communicate with one another. Continue Reading
-
News
15 Nov 2021
ProxyShell leads to domain-wide ransomware attack
The domain-wide ransomware attack utilized "almost no malware," and the threat actor accomplished the attack with the months-old ProxyShell vulnerabilities. Continue Reading
-
Guest Post
15 Nov 2021
Reduce the risk of cyber attacks with frameworks, assessments
Don't rely on a compliance mandate to reduce the risk of cyber attacks or on a cyber insurer to cover an attack's aftermath. Assessments and frameworks are key to staying safe. Continue Reading
-
News
11 Nov 2021
Aruba Central breach exposed customer data
HPE-owned Aruba Networks said one of its cloud databases was accessed by hackers who were able to make off with location and telemetry data for its customers' Wi-Fi gear. Continue Reading
-
Feature
11 Nov 2021
Tools to conduct security chaos engineering tests
Security teams are becoming curious about how chaos engineering can benefit them. Read about the security chaos engineering tools available for early adopters. Continue Reading
-
News
11 Nov 2021
Trend Micro reveals 'Void Balaur' cybermercenary group
New Trend Micro research revealed a cybermercenary group that has been actively targeting high-profile organizations and individuals across the globe since 2015. Continue Reading
-
News
11 Nov 2021
Citrix DDOS bug leaves networks vulnerable
Citrix patched a critical bug in its Application Delivery Controller and Gateway software that left networks open to DDOS attacks. It also fixed a less-severe SD-WAN WANOP bug. Continue Reading
-
News
11 Nov 2021
'King of Fraud' sentenced for Methbot botnet operation
Aleksandr Zhukov was sentenced to 10 years in prison for the theft of $7 million in a massive digital advertising fraud operation using his 'Methbot' botnet. Continue Reading
-
News
10 Nov 2021
US targets REvil, DarkSide ransomware with $10M rewards
Infosec experts weigh in on the U.S. government's latest tactic to thwart ransomware operations -- the offering of rewards of up to $10 million for information on operators. Continue Reading
-
Guest Post
10 Nov 2021
4 concepts that help balance business and security goals
The goal of enterprise security is to maintain connectivity, while remaining protected. Use these four concepts to balance business and security goals. Continue Reading
-
News
09 Nov 2021
Medical devices at risk from Siemens Nucleus vulnerabilities
Thirteen bugs, including a critical security flaw, have been patched in the Siemens Nucleus TCP/IP stack, a vital component for millions of connected medical devices. Continue Reading
-
Tip
09 Nov 2021
How to overcome 3 multi-tenancy security issues
Explore three major multi-tenancy security challenges and how to fix them, including lack of visibility, privilege overallocation and poor data security management. Continue Reading
-
Feature
09 Nov 2021
API security strategies must evolve to include API protection
An API security strategy must include the ability to protect APIs post-deployment, but questions abound about ownership, which tools to use and how to get started. Continue Reading
-
News
08 Nov 2021
DOJ charges REvil ransomware members, seizes $6.1M
One of the accused cybercriminals, who was directly involved in the ransomware attack on Kaseya earlier this year, was arrested and faces extradition from Poland. Continue Reading
-
News
08 Nov 2021
REvil ransomware affiliates arrested in international takedown
Europol said the two suspected REvil affiliates were allegedly responsible for 5,000 ransomware infections and received approximately half a million euros in ransom payments. Continue Reading
-
News
08 Nov 2021
Bug bounty programs in 2021: High payouts, higher stakes
Bug bounty programs today offer high monetary rewards for researchers, but they can also suffer from communication issues, delays and inaction that may portend bigger problems. Continue Reading
-
News
05 Nov 2021
Routers, NAS and phones hacked in Pwn2Own competition
Security researchers have spent the week attempting to break into network-connected hardware and other devices in hopes of winning recognition and big payouts. Continue Reading
-
News
05 Nov 2021
MVSP: Will Google's security baseline work?
In response to data breaches involving third-party vendors, Google worked alongside vendors to developed what it refers to as a 'vendor-neutral security baseline.' Continue Reading
-
Tip
05 Nov 2021
Steps for building a privacy program, plus checklist
Organizations need to prioritize privacy now more than ever. Follow these steps, and use our checklist to create a privacy program that ensures compliance and mitigates threats. Continue Reading
-
Tip
04 Nov 2021
7 best practices to ensure GDPR compliance
Complying with the EU's GDPR data privacy mandates remains challenging. These best practices -- such as hiring a data protection officer and classifying data -- can help. Continue Reading
-
News
04 Nov 2021
DDoS botnet exploiting known GitLab vulnerability
A botnet is using a critical GitLab vulnerability, which was disclosed and patched in April, to launch powerful DDoS attacks that have surpassed 1 Tbps. Continue Reading
-
News
03 Nov 2021
CISA requires agencies to patch nearly 300 vulnerabilities
The Cybersecurity and Infrastructure Security Agency issued a directive for government agencies that requires patching for hundreds of known software security vulnerabilities. Continue Reading
-
News
03 Nov 2021
BlackMatter claims to shut down ransomware operations
Operators behind the ransomware, known to target critical infrastructure, attributed the shutdown to pressure from authorities and the disappearance of team members. Continue Reading
-
Feature
03 Nov 2021
Why chaos engineering testing makes sense for cybersecurity
Using the concept of chaos engineering, teams can determine whether systems perform as intended in time of need. But how does it relate to security? Continue Reading
-
Guest Post
03 Nov 2021
To improve resilience, augment zero-trust models
Zero-trust models are a start, but to improve resilience, they should be augmented and extended to include verification procedures, supply chain security and open source software. Continue Reading
-
News
02 Nov 2021
Trojan Source bugs enable 'invisible' source code poisoning
A pair of flaws in nearly every popular programming language enables attackers to hide malicious code in plain sight without the ability to be detected prior to compiling. Continue Reading
-
News
02 Nov 2021
FBI: Ransomware gangs using financial info to target companies
The FBI assessed that ransomware threat actors are likely using information like mergers, acquisitions and stock valuations to determine vulnerable enterprise targets. Continue Reading
-
News
02 Nov 2021
Why cloud bugs don't get CVEs, and why it's an issue
Lack of public disclosures for cloud bugs can allow vendors to sit on vulnerability reports and can prevent researchers from getting acknowledgement and payouts. Continue Reading
-
Tip
01 Nov 2021
Adopt 5 best practices for hybrid workplace model security
As hybrid workforce models become the norm due to the pandemic, enterprises should look to best practices to ensure secure unified access for on-premises and WFH employees. Continue Reading
-
News
29 Oct 2021
Europol 'targets' 12 suspects in ransomware bust
Europol has not said whether the suspected ransomware actors were arrested or detained, but the 12 were allegedly involved in attacks that affected 1,800 victims in 71 countries. Continue Reading
-
News
28 Oct 2021
Hackers upping SSL usage for encrypted attacks, communications
A report from cloud security vendor Zscaler found that cybercriminals are using secure connections to evade detection while carrying out network attacks. Continue Reading
-
News
28 Oct 2021
Avast releases decryptors for multiple ransomware strains
Victims of three separate ransomware families can now recover data using tools developed by the antivirus vendor with help from a malware analyst and an alleged Babuk developer. Continue Reading
-
Feature
28 Oct 2021
Amid explosive growth, API security a growing concern
APIs are expanding exponentially across the technology landscape and creating a vast attack surface that enterprise security teams are struggling to understand and defend. Continue Reading
-
News
28 Oct 2021
Twitter details internal Yubico security key rollout
Following last year's breach, Twitter obtained 100% security key enrollment from its 5,500 internal employee accounts within a month of the cutover date. Continue Reading
-
Guest Post
28 Oct 2021
Applying security to operating models requires collaboration
Balancing business needs with security is more important than ever. Integrating operating models with reference architectures is a key step in the process. Continue Reading
-
Tip
27 Oct 2021
5 IT security policy best practices
As businesses and technologies grow and evolve, it's important IT security policies do, too. Follow these five best practices to ensure policies are fresh and relevant. Continue Reading
-
Feature
26 Oct 2021
5 cybersecurity personality traits for a successful career
In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates. Continue Reading
-
Feature
26 Oct 2021
How to start a career in cybersecurity from the human side
Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security. Continue Reading
-
News
26 Oct 2021
Researcher cracks 70% of neighborhood Wi-Fi passwords
A CyberArk researcher showed that $50 worth of hardware and some attack scripts are all you need to break into home and small business Wi-Fi networks. Continue Reading
-
News
25 Oct 2021
Emsisoft cracked BlackMatter ransomware, recovered victims' data
Emsisoft developed a decryptor for BlackMatter and also found vulnerabilities in about a dozen other ransomware families that can be used to recover victims' data. Continue Reading
-
News
25 Oct 2021
SolarWinds hackers attacking more IT supply chain targets
According to Microsoft, the Russian threat group known as Nobelium has already compromised 14 technology service providers across the United States and Europe. Continue Reading
-
Feature
25 Oct 2021
How to use Python for privilege escalation in Windows
Penetration testers can use Python to write scripts and services to discover security vulnerabilities. In this walkthrough, learn how to escalate privileges in Windows. Continue Reading
-
Feature
25 Oct 2021
Why hackers should learn Python for pen testing
The authors of 'Black Hat Python' explain the importance of learning Python for pen testing, how it helps create scripts to hack networks and endpoints, and more. Continue Reading
-
Podcast
22 Oct 2021
Risk & Repeat: Apple bug bounty frustrations boil over
Security researchers criticized the Apple Security Bounty program and claimed the company ignored bug reports, denied bounty payments and silently patched vulnerabilities. Continue Reading
-
News
20 Oct 2021
Chris Krebs weighs in on zero trust, FBI web shell removal
Regarding the FBI action to silently remove web shells from vulnerable Exchange Servers, former CISA director Chris Krebs said he expects to see the action again if appropriate. Continue Reading
-
News
20 Oct 2021
Gartner analysts debate ransomware payments
During Gartner's IT Symposium, analysts discussed the complex factors companies face when deciding whether or not to give into ransom demands. Continue Reading
-
Guest Post
20 Oct 2021
5 questions to ask when creating a ransomware recovery plan
These 'five W's of ransomware' will help organizations ask the right questions when creating a ransomware-specific disaster recovery plan. Continue Reading
-
News
20 Oct 2021
'LightBasin' hackers spent 5 years hiding on telco networks
A state-sponsored hacking group has been moving undetected on the networks of more than a dozen telecommunications providers, observing traffic and collecting data for years. Continue Reading
-
News
19 Oct 2021
Federal agencies issue warning on BlackMatter ransomware
U.S. government agencies say a new family of malware could create problems for critical infrastructure by shutting down critical networks and disrupting commerce. Continue Reading
-
News
18 Oct 2021
FinCEN: 2021 ransomware activity outpaces 2020 in 6 months
The U.S. Treasury's financial crimes bureau has seen a rise in anonymity-enhanced cryptocurrencies like Monero, though Bitcoin remains the most used. Continue Reading
-
News
18 Oct 2021
Sinclair Broadcast Group suffers ransomware attack, breach
The media giant disclosed a ransomware attack Monday that caused massive disruptions across networks and saw threat actors obtain corporate data. Continue Reading
-
News
15 Oct 2021
Accenture sheds more light on August data breach
The IT services giant disclosed in an SEC filing that threat actors stole and leaked proprietary data during a LockBit ransomware attack earlier this year. Continue Reading
-
News
15 Oct 2021
Burned by Apple, researchers mull selling zero days to brokers
Security researchers have grown frustrated with Apple's lack of communication, ‘silent patching’ of vulnerabilities, denial of bug bounty rewards and other issues. Continue Reading
-
News
14 Oct 2021
Google digs into Iran's APT35 hacking group
Covert phishing tactics and cleverly disguised notifications are among the calling cards of the increasingly sophisticated operation aimed at Iran's opponents. Continue Reading
-
News
14 Oct 2021
Enterprises ask Washington to step up cyber collaboration
During CISA's National Cybersecurity Summit, critical infrastructure companies said they need better information on cyberthreats from the federal government. Continue Reading
-
Tip
14 Oct 2021
What is attack surface management and why is it necessary?
Attack surface management approaches security from the attacker's perspective. Discover how ASM can help better secure your organization's sprawling assets and resources. Continue Reading
-
Guest Post
14 Oct 2021
Best practices to detect and mitigate deepfake attacks
Deepfake technology enables fraudsters to distort reality and commit financial crimes. Learn how the technology works and best practices to mitigate deepfake attacks. Continue Reading
-
Feature
13 Oct 2021
The complete guide to ransomware
Organizations in every industry can be targets of cybercrime for profit. Get expert advice on ransomware prevention, detection and recovery in our comprehensive guide. Continue Reading
-
News
13 Oct 2021
How hackers exploited RCE vulnerabilities in Atlassian, Azure
Barracuda researchers examined exploitation activity and attack patterns for two remote code execution vulnerabilities affecting Atlassian's Confluence and Microsoft's Azure. Continue Reading
-
News
12 Oct 2021
Cybereason and Google Cloud join forces for new XDR service
Cybereason and Google Cloud have teamed up to combat future security threats with accelerated XDR capabilities. Continue Reading
-
News
12 Oct 2021
Apple patches iOS vulnerability actively exploited in the wild
Apple said in a security advisory that it had received a report that the iOS flaw, which impacts kernel extension IOMobileFrameBuffer, 'may have been actively exploited.' Continue Reading
-
News
11 Oct 2021
Iranian password spraying campaign hits Office 365 accounts
The Iran-backed DEV-0343 threat group has launched a password spraying offensive against Office 365 accounts in the defense, maritime and oil industries. Continue Reading
-
Tip
11 Oct 2021
5 open source offensive security tools for red teaming
To be an effective red teamer, you need the right tools in your arsenal. These are five of the open source offensive security tools worth learning. Continue Reading
-
News
11 Oct 2021
Cyber insurance premiums, costs skyrocket as attacks surge
As cyber attacks and losses have increased, so has demand for cyber insurance. But now premiums are reflecting a harsh new reality. Continue Reading
-
News
08 Oct 2021
Senators want FTC to enforce a federal data security standard
U.S. Senators debated creating federal data privacy and security standards and providing the FTC with enough resources to enforce them. Continue Reading
-
News
08 Oct 2021
Admins: Patch management is too complex and cumbersome
A new survey from Ivanti shows a majority of administrators and infosec professionals feel the shift to decentralized workspaces has made patch management an even bigger headache. Continue Reading
-
Feature
08 Oct 2021
4 types of ransomware and a timeline of attack examples
There are four main types of ransomware, but many examples of ransomware strains. Learn how the ransomware types work, and review notable ransomware attacks and variants. Continue Reading
-
Feature
08 Oct 2021
The history and evolution of ransomware
Ransomware has evolved from a malicious floppy disk demanding $189 in ransom to a trillion-dollar industry with ransom for rent, sophisticated techniques and big-name victims. Continue Reading
-
Tip
07 Oct 2021
How to evaluate and deploy an XDR platform
Not all extended detection and response platforms are created equal. Don't take the XDR plunge before knowing exactly what to look for in an XDR platform. Continue Reading
-
News
06 Oct 2021
Apache HTTP Server vulnerability under active attack
Security experts are urging administrators to update their installations of Apache HTTP Server following the disclosure of a zero-day vulnerability that had been under attack. Continue Reading
-
News
06 Oct 2021
Iranian hackers abusing Dropbox in cyberespionage campaign
A group of hackers believed to be based in Iran is targeting organizations in the U.S. and elsewhere with a campaign that uses cloud storage service Dropbox. Continue Reading
-
News
06 Oct 2021
Twitch confirms data breach following massive leak
Leakers claim to have stolen almost 6,000 internal Git repositories, including 'the entirety of Twitch.tv' and content creator payouts. Continue Reading
-
News
04 Oct 2021
2 suspected ransomware operators arrested in Ukraine
A coordinated international law enforcement operation led to the arrest of two alleged ransomware operators, though the ransomware gang has not been identified. Continue Reading
-
Guest Post
04 Oct 2021
5 principles for AppSec program maturity
Applications remain a top cause of external data breaches. Follow these five principles to achieve application security program maturity. Continue Reading
-
Feature
30 Sep 2021
How to use Ghidra for malware analysis, reverse-engineering
The Ghidra malware analysis tool helps infosec beginners learn reverse-engineering quickly. Get help setting up a test environment and searching for malware indicators. Continue Reading
-
Feature
30 Sep 2021
Get started with the Ghidra reverse-engineering framework
Malware analysts use Ghidra to examine code to better understand how it works. Learn what to expect from the reverse-engineering framework, how to start using it and more. Continue Reading
-
News
30 Sep 2021
FireEye and McAfee Enterprise announce product mashup
Merger-happy investment firm STG has let slip that it will integrate the product lines of McAfee Enterprise and FireEye. Analysts say it will be a challenging road ahead. Continue Reading
-
Feature
30 Sep 2021
10 CCPA enforcement cases from the law's first year
It's been more than a year since CCPA enforcement began, and organizations started hearing from the California attorney general. Explore 10 early cases of alleged noncompliance. Continue Reading
-
Feature
30 Sep 2021
6 reasons unpatched software persists in the enterprise
Patching is like flossing -- everyone knows they should do it, yet too few do it often and well. Explore why unpatched software is still ubiquitous, despite the risks. Continue Reading
-
News
30 Sep 2021
Researchers hack Apple Pay, Visa 'Express Transit' mode
Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode. Continue Reading
-
Quiz
30 Sep 2021
10 CIPP/US practice questions to test your privacy knowledge
Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam. Continue Reading
-
Feature
30 Sep 2021
How to prepare for the CIPP/US exam
The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams. Continue Reading
-
Tip
30 Sep 2021
How to create a ransomware incident response plan
A ransomware incident response plan may be the difference between surviving an attack and shuttering operations. Read key planning steps, and download a free template to get started. Continue Reading
-
News
29 Sep 2021
Telegram bots allowing hackers to steal OTP codes
A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading
-
News
29 Sep 2021
Group-IB CEO Ilya Sachkov charged with treason in Russia
Group-IB maintains the innocence of CEO and founder Ilya Sachkov and said that co-founder and CTO Dmitry Volkov will assume leadership of the company. Continue Reading
-
News
28 Sep 2021
Microsoft releases emergency Exchange Server mitigation tool
Microsoft turned its attention to organizations that are slower to patch by releasing an emergency mitigation tool as a temporary fix against current threats. Continue Reading
-
News
28 Sep 2021
Ransomware: Has the U.S. reached a tipping point?
The ransomware problem has grown more severe in recent years due to a growing number of attacks against large organizations and the standardization of double-extortion tactics. Continue Reading
-
News
28 Sep 2021
SolarWinds hackers Nobelium spotted using a new backdoor
Microsoft researchers believe Nobelium, the Russian-backed group that breached SolarWinds, has been using a backdoor tool called FoggyWeb since at least April. Continue Reading
-
Answer
27 Sep 2021
What is extortionware? How does it differ from ransomware?
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
-
News
24 Sep 2021
Spurned researcher posts trio of iOS zero days
An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform. Continue Reading