Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
News
26 Nov 2024
New York fines Geico, Travelers $11.3M over data breaches
The two insurance giants were fined millions by New York state regulators and are required to enhance security protocols around authentication and penetration testing. Continue Reading
By- Arielle Waldman, News Writer
-
News
22 Nov 2024
Volexity details Russia's novel 'Nearest Neighbor Attack'
The security company warned that the new attack style highlights the importance of securing Wi-Fi networks, implementing MFA and patching known vulnerabilities. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
25 Nov 2024
What is IPsec (Internet Protocol Security)?
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network. Continue Reading
By- Katie Terrell Hanna
- Peter Loshin, Former Senior Technology Editor
-
Definition
25 Nov 2024
What is Extensible Authentication Protocol (EAP)?
Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet. Continue Reading
-
News
22 Nov 2024
Volexity details Russia's novel 'Nearest Neighbor Attack'
The security company warned that the new attack style highlights the importance of securing Wi-Fi networks, implementing MFA and patching known vulnerabilities. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
21 Nov 2024
How to test firewall rules with Nmap
Using Nmap to identify potential shortfalls in the rules used to govern firewall performance gives teams an easy and cost-effective way to plug holes in their security frameworks. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Tip
20 Nov 2024
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
News
19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack
CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
18 Nov 2024
What CISOs need to know to build an OT cybersecurity program
More companies are tasking CISOs with operational technology security. But this oversight means a new strategy for those unfamiliar with building an effective OT security program. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
- Sharon Shea, Executive Editor
-
News
18 Nov 2024
Chinese APT exploited unpatched Fortinet zero-day flaw
Volexity reported that a Chinese APT actor exploited a zero-day vulnerability in Fortinet's Windows VPN FortiClient software that enables credentials to be stolen from a system. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
18 Nov 2024
What is data egress? How it works and how to manage costs
Data egress is when data leaves a closed or private network and is transferred to an external location. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
-
Definition
18 Nov 2024
What is a spam trap?
A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers. Continue Reading
By- Scott Robinson, New Era Technology
- Ben Lutkevich, Site Editor
-
News
15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Nov 2024
Infoblox: 800,000 domains vulnerable to hijacking attack
While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive. Continue Reading
By- Arielle Waldman, News Writer
-
News
14 Nov 2024
CISA, FBI confirm China breached telecommunication providers
The government agencies confirmed Wall Street Journal reports that China-backed threat actors breached telecommunication providers and access data for law enforcement requests. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Nov 2024
Most widely exploited vulnerabilities in 2023 were zero days
While zero-day exploitation surged throughout 2023, CISA said threat actors continue to exploit known vulnerabilities that were disclosed and patched as far back as 2017. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
12 Nov 2024
EDR vs. XDR vs. MDR: Key differences and benefits
One of the most important goals of cybersecurity professionals is to quickly identify potential or in-progress cyberattacks. These three approaches can help. Continue Reading
By -
News
07 Nov 2024
Ransomware attacks caused prolonged disruptions in October
The Ransomhub, Rhysdia and Interlock ransomware gangs claimed responsibility for attacks that knocked victims' services offline, sometimes for several weeks. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
07 Nov 2024
How to build a Python port scanner
Python offers beginning coders a lot of flexibility and is a novel way to build tools designed to probe port performance across your network. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Definition
01 Nov 2024
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. Continue Reading
-
Tip
01 Nov 2024
API security testing checklist: 7 key steps
APIs are a common attack vector for malicious actors. Use our API security testing checklist and best practices to protect your organization and its data. Continue Reading
By- Dave Shackleford, Voodoo Security
- Michael Cobb
-
News
30 Oct 2024
Microsoft warns of Midnight Blizzard spear phishing campaign
The tech giant is notifying users affected by a recently observed campaign, which has targeted more than 100 victim organizations globally so far. Continue Reading
By- Arielle Waldman, News Writer
-
News
29 Oct 2024
REvil convictions unlikely to curb Russian cybercrime
In a rare action against cybercrime, a court in Russia sentenced four individuals tied to the Revil ransomware gang for money laundering and malware distribution charges. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
29 Oct 2024
How to configure and customize Kali Linux settings
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
By- Kyle Johnson
-
Tip
25 Oct 2024
DDoS mitigation: How to stop DDoS attacks
A DDoS attack can wreak havoc on an organization, but a number of strategies can help stop such attacks and minimize their damage. Continue Reading
By -
News
24 Oct 2024
Cisco ASA and FTD zero day used in password spraying attacks
One day after Cisco disclosed a zero-day vulnerability discovered in its VPN software, CISA added the flaw to its Known Exploited Vulnerabilities catalog. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Oct 2024
Fortinet FortiManager zero-day flaw exploited since June
Mandiant researchers first observed exploitation activity against CVE-2024-47575 on June 27, with more than 50 FortiManager devices compromised since. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Oct 2024
Thoma Bravo-owned Sophos to acquire Secureworks for $859M
Sophos said it plans to integrate Secureworks' products into a broader portfolio that serves both large enterprises and small and medium-sized businesses. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
22 Oct 2024
How to detect DDoS attacks
DDoS attacks are on the rise -- again. While they usually strike without warning, there are some red flags to be aware of. Rapid detection is key to surviving such an attack. Continue Reading
By -
News
21 Oct 2024
Cisco confirms attackers stole data from DevHub environment
While Cisco said its systems were not breached, the vendor did confirm that attackers stole sensitive information from the public-facing portal. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
18 Oct 2024
How to prevent DDoS attacks
Organizations have many methods they can use to prevent DDoS attacks, including increasing bandwidth and server scalability, rate limiting and using a web application firewall. Continue Reading
By- Ravi Das, ML Tech Inc.
-
News
17 Oct 2024
DOJ charges alleged Anonymous Sudan ringleaders
Two Sudanese brothers are accused of leading the cybercriminal group that caused significant damage to healthcare organizations as well as other high-profile victims. Continue Reading
By- Arielle Waldman, News Writer
-
News
16 Oct 2024
Microsoft sees drop in ransomware reaching encryption phase
In its Digital Defense Report 2024, Microsoft observed a significant increase in the number of human-operated ransomware attacks, which often originated from unmanaged devices. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
11 Oct 2024
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
By- Paul Kirvan
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
-
News
10 Oct 2024
Coalition: Ransomware severity up 68% in first half of 2024
The cyber insurance carrier examined claims trends for the first half of 2024, which showed policyholders experienced disruptive and increasingly costly ransomware attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
04 Oct 2024
How to conduct firewall testing and analyze test results
A misconfigured firewall can wreak havoc throughout your organization. Firewall testing to ensure rules are written correctly and that any changes are validated is critical. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Feature
03 Oct 2024
'Defunct' DOJ ransomware task force raises questions, concerns
A report from the Office of the Inspector General reviewed the U.S. Department of Justice's efforts against ransomware and found its task force was largely ineffective. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
02 Oct 2024
What is Android System WebView and should you uninstall it?
Android System WebView is a system component for the Android operating system (OS) that enables Android apps to display web content directly inside an application. Continue Reading
By- Gavin Wright
- Ben Lutkevich, Site Editor
- Madelyn Bacon, TechTarget
-
Podcast
30 Sep 2024
Risk & Repeat: Inside the Microsoft SFI progress report
The first Secure Future Initiative progress report highlighted improvements to Microsoft's security posture. But the company still faces major SecOps challenges. Continue Reading
By- Rob Wright, Senior News Director
-
Definition
30 Sep 2024
What is WPA3 (Wi-Fi Protected Access 3)?
WPA3, also known as Wi-Fi Protected Access 3, is the third iteration of a security certification standard developed by the Wi-Fi Alliance. WPA3 is the latest updated implementation of WPA2, which has been in use since 2004. Continue Reading
By- Gavin Wright
- Alexander S. Gillis, Technical Writer and Editor
-
Definition
27 Sep 2024
What is access control?
Access control is a security technique that regulates who or what can view or use resources in a computing environment. Continue Reading
By- Gavin Wright
- Ben Lutkevich, Site Editor
-
News
27 Sep 2024
CUPS vulnerabilities could put Linux systems at risk
Security researcher Simone Margaritelli discovered vulnerabilities in the Common UNIX Printing System that attackers could exploit during print jobs against Linux systems. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
26 Sep 2024
What is ICMP (Internet Control Message Protocol)?
ICMP (Internet Control Message Protocol) is a network layer error-reporting protocol that's used to communicate data transmission problems. Continue Reading
By- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
-
News
26 Sep 2024
Ransomware Task Force finds 73% attack increase in 2023
The Institute for Security and Technology's Ransomware Task Force says a shift to big game hunting tactics led to a significant rise in attacks last year. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Sep 2024
Arkansas City water treatment facility hit by cyberattack
While disruptions are limited, the attack on the water treatment facility highlights how the critical infrastructure sector remains a popular target for threat actors. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
24 Sep 2024
How to use tcpreplay to replay network packet files
The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Tip
19 Sep 2024
DNS security best practices to implement now
DNS is a key component in any enterprise network. Auditing DNS servers and encrypting DNS traffic are just two of the steps to take to protect your organization's DNS deployment. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Podcast
19 Sep 2024
SecOps' new frontier in the remote work era: HR
A CISO shares the story of how his SOC staff caught and contained a North Korean agent posing as a software engineer, saying he hopes to raise awareness of a growing threat. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
19 Sep 2024
FBI disrupts another Chinese state-sponsored botnet
The FBI said the massive botnet, which included 260,000 connected devices, was developed and operated by a publicly traded Chinese company named Integrity Technology Group. Continue Reading
By- Rob Wright, Senior News Director
-
News
18 Sep 2024
Orca: AI services, models falling short on security
New research from Orca Security shows that AI services and models in cloud contain a number of risks and security shortcomings that could be exploited by threat actors. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Sep 2024
Fortinet confirms data breach, extortion demand
Fortinet confirmed that a threat actor stole data from a third-party cloud-based shared file drive, which affected a small number of customers, but many questions remain. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
11 Sep 2024
HTTP vs. HTTPS: What's the difference?
HTTP and HTTPS are web communication protocols. HTTP lacks security, while HTTPS encrypts data to adhere to the security standards of confidentiality, integrity and authenticity. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
News
09 Sep 2024
Akira ransomware gang targeting SonicWall VPN accounts
Arctic Wolf recently observed the Akira ransomware gang compromising SonicWall SSL VPN accounts, which could be connected to a critical vulnerability in SonicOS. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
06 Sep 2024
What is network detection and response (NDR)?
Network detection and response (NDR) technology continuously scrutinizes network traffic to identify suspicious activity and potentially disrupt an attack. Continue Reading
-
News
06 Sep 2024
Ransomware rocked healthcare, public services in August
Ransomware remained a highly disruptive threat last month, as notable attacks claimed victims in healthcare, technology, manufacturing and the public sector. Continue Reading
By- Arielle Waldman, News Writer
-
News
04 Sep 2024
White House unveils plan to improve BGP security
The Office of the National Cyber Director has published a roadmap for internet routing security that outlines recommendations for mitigating BGP hijacking and other threats. Continue Reading
By- Rob Wright, Senior News Director
-
News
03 Sep 2024
FBI: North Korean hackers targeting cryptocurrency employees
North Korean state-sponsored threat actors have been conducting successful social engineering campaigns against cryptocurrency employees over the last several months. Continue Reading
By- Arielle Waldman, News Writer
-
News
29 Aug 2024
Russia's APT29 using spyware exploits in new campaigns
A new report from Google TAG suggests that Russia's APT29 is using vulnerability exploits first developed from spyware vendors to target Mongolian government websites. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 Aug 2024
GuidePoint talks ransomware negotiations, payment bans
GuidePoint Security's Mark Lance discusses the current ransomware landscape and the steps that go into negotiating potential payments with cybercriminal gangs. Continue Reading
By- Arielle Waldman, News Writer
-
News
21 Aug 2024
Microchip Technology discloses cyberattack, business delays
The microprocessor manufacturer says it detected malicious activity in its network over the weekend, which disrupted business operations and impaired its ability to fulfill orders. Continue Reading
By- Arielle Waldman, News Writer
-
Video
21 Aug 2024
An explanation of cybersecurity
Cybersecurity protects internet-connected systems from attacks, covering hardware, software and data. Continue Reading
By- Tommy Everson, Assistant Editor
-
Definition
16 Aug 2024
What is an endpoint protection platform (EPP)?
An endpoint protection platform (EPP) is a security technology that safeguards endpoint devices. Continue Reading
-
Feature
15 Aug 2024
The 5 different types of firewalls explained
The firewall remains a core fixture in network security. But, with five types of firewalls, three firewall deployment models and multiple placement options, things can get confusing. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Tip
15 Aug 2024
How to select an MDR security service
With the threat landscape as challenging as it is, organizations are looking for reinforcements. One option is to bolster detection and response via third-party MDR services. Continue Reading
-
News
07 Aug 2024
Akamai warns enterprises that VPN attacks will only increase
During Black Hat USA 2024, Akamai's Ori David revealed new VPN post-exploitation techniques that open the attack vector to threat actors of all skill levels. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
07 Aug 2024
12 types of endpoint security
With the rise of remote work, mobile devices and IoT, the traditional security perimeter extends beyond corporate networks, making endpoint security crucial for organizations. Continue Reading
-
Tutorial
07 Aug 2024
Examine a captured packet using Wireshark
Wireshark is a useful tool for capturing network traffic data. Network pros can make the most of the tool by analyzing captured packets to see what that data means for troubleshooting. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Definition
02 Aug 2024
What is endpoint security? How does it work?
Endpoint security is the protection of endpoint devices against cybersecurity threats. Continue Reading
-
News
01 Aug 2024
InfoSec community sounds off on CrowdStrike outage, next steps
Security experts offered their thoughts on the recent IT outage, praising CrowdStrike's response time but saying the outage highlights issues in the software updating process. Continue Reading
By- Arielle Waldman, News Writer
- Alexander Culafi, Senior News Writer
-
News
30 Jul 2024
Microsoft: Ransomware gangs exploiting VMware ESXi flaw
VMware ESXi has proven to be a popular target for ransomware threat actors and a challenge for enterprises to patch. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
29 Jul 2024
How the Change Healthcare attack may affect cyber insurance
UnitedHealth's Change Healthcare attack continued to show the devastating aftermath of supply chain attacks. Experts say it could change contingent language for future policies. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
29 Jul 2024
What is SSH (Secure Shell) and How Does It Work?
SSH (Secure Shell or Secure Socket Shell) is a network protocol that gives users -- particularly systems administrators -- a secure way to access a computer over an unsecured network. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
-
Tutorial
25 Jul 2024
How to use PuTTY for SSH key-based authentication
This tutorial on the open source PuTTY SSH client covers how to install it, its basic use and step-by-step instructions for configuring key-based authentication. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
News
24 Jul 2024
KnowBe4 catches North Korean hacker posing as IT employee
KnowBe4 says it hired a new principal security engineer for its internal AI team, but quickly detected suspicious activity originating from the employee's workstation. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
24 Jul 2024
What is ERP security and why is it critical?
An ERP system is vulnerable whether it's on premises or in the cloud, and supply chain attacks continue to increase. Learn why it's important to secure your company's ERP software. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Tutorial
23 Jul 2024
Intro: How to use BlackArch Linux for pen testing
BlackArch Linux offers a lot of pen testing and security benefits, but it requires knowledgeable and independent professionals who can put the distribution to work. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Video
23 Jul 2024
WPA2 vs. WPA3
Wireless security has evolved from WEP to WPA protocols and play a pivotal role in safeguarding against cyberattacks. Continue Reading
By- Sabrina Polin, Managing Editor
-
News
23 Jul 2024
Dragos: New ICS malware FrostyGoop abuses Modbus
Dragos published research Tuesday unveiling an industrial control systems-focused malware it dubbed FrostyGoop that targets Modbus to disrupt critical infrastructure. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 Jul 2024
Microsoft: Faulty CrowdStrike update affected 8.5M devices
Microsoft says less than 1% of all Windows machines were affected by a defective CrowdStrike Falcon update on Friday, but the disruption has been widespread. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
22 Jul 2024
Where to place a firewall in an enterprise network
Firewalls are a foundational element of a strong security posture, and their positioning affects both enterprise performance and cyberdefense. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Answer
19 Jul 2024
How to protect port 139 from SMB attacks
Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
By -
News
18 Jul 2024
Fin7 helps ransomware gangs with EDR bypass
SentinelOne found the Russia-based cybercriminal group is helping other threat actors, including ransomware gangs, to evade detection with a custom tool named AvNeutralizer. Continue Reading
By- Arielle Waldman, News Writer
-
News
11 Jul 2024
Ransomware gangs increasingly exploiting vulnerabilities
New research from Cisco Talos highlighted three of the most popular known vulnerabilities that were exploited by ransomware gangs for initial access during 2023 and 2024. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
11 Jul 2024
CASB vs. SASE: What's the difference?
CASB and SASE enhance network and SaaS application security. CASB acts as a security layer for cloud services, while SASE integrates networking and security into one framework. Continue Reading
By- Evgeniy Kharam, EK Cyber and Media Consulting
- Dmitry Raidman, Cybeats & Security Architecture Podcast
-
Tip
11 Jul 2024
Understand the uses of blockchain in data centers
Blockchain is most famous for its cryptocurrency applications, but data centers can employ it for a variety of business-related reasons -- including increased security. Continue Reading
By -
News
09 Jul 2024
Governments issue warning on China's APT40 attacks
Government agencies say APT40 continues to pose significant risk to organizations across the globe by exploiting vulnerabilities in public-facing applications. Continue Reading
By- Arielle Waldman, News Writer
-
News
08 Jul 2024
Ransomware hits CDK Global, public sector targets in June
The prevalent threat continued to cause disruptions last month as city halls were forced to close and auto dealerships faced downstream effects after an attack against CDK Global. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
05 Jul 2024
What is a cyber attack? How they work and how to stop them
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
-
Feature
01 Jul 2024
Compare 5 single-vendor SASE providers
SASE has broad enterprise appeal because it combines security and connectivity. With so many vendor options available, enterprises might need help narrowing the search. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
News
27 Jun 2024
Supply chain attacks conducted through Polyfill.io service
In February, a Chinese company named Funnell bought the Polyfill.io domain, which sparked concerns in the infosec community about potential supply chain threats. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
26 Jun 2024
SPF, DKIM and DMARC: What are they and how do they work together?
Internet protocols for email authentication -- SPF, DKIM and DMARC -- coordinate defense against spammers, phishing and other spoofed email problems. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Definition
25 Jun 2024
What is security information and event management (SIEM)?
Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
-
News
21 Jun 2024
Biden administration bans Kaspersky Lab products in US
The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Jun 2024
SolarWinds Serv-U vulnerability under attack
The Centre for Cybersecurity Belgium observed exploitation against CVE-2024-28995, a high-severity vulnerability in SolarWind's Serv-U file transfer product. Continue Reading
By- Arielle Waldman, News Writer
-
News
20 Jun 2024
Phoenix SecureCore UEFI firmware bug affects Intel processors
Multiple Intel processors and hundreds of PC models are potentially vulnerable to a recently disclosed vulnerability in Phoenix SecureCore UEFI firmware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
18 Jun 2024
EPAM denies link to Snowflake customer attacks
EPAM, a Belarusian software company, said an investigation found no evidence that it was connected to recent attacks against Snowflake customer databases. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
18 Jun 2024
DNS attack
A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system. Continue Reading
By -
Feature
17 Jun 2024
CASB vs. CSPM vs. CWPP: Comparing cloud security tool types
Let's break down some cloud security alphabet soup. CASB, CSPM and CWPP overlap to an extent, but you'll want to pay close attention to how they accomplish different things. Continue Reading
By- Amy Larsen DeCarlo, GlobalData
-
Definition
13 Jun 2024
Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP) is a standard protocol on the internet that ensures the reliable transmission of data between devices on a network. Continue Reading
By- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
-
Definition
13 Jun 2024
secure access service edge (SASE)
Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native security technologies and delivers them as a single cloud service. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
-
News
12 Jun 2024
Black Basta might have exploited Microsoft flaw as zero-day
While investigating a ransomware attack, Symantec found evidence that suggests Black Basta threat actors exploited a Microsoft vulnerability as a zero-day. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
12 Jun 2024
Zero trust vs. defense in depth: What are the differences?
Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
By- Andrew Froehlich, West Gate Networks