Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

Answer 13 May 2025
How can an enterprise mobile VPN fit into a mobility plan?

Organizations that need to secure mobile users and provide remote access to corporate resources should consider an on-premises or cloud-hosted mobile VPN. Continue Reading
By
- Brien Posey
- Robert Sheldon
Opinion 07 May 2025
Key network security takeaways from RSAC 2025

Themes on display at the conference reflected the cybersecurity industry's effort to streamline security operations, while adapting to emerging technologies and threats. Continue Reading
By
- John Grady, Principal Analyst

Feature 03 Oct 2024
'Defunct' DOJ ransomware task force raises questions, concerns

A report from the Office of the Inspector General reviewed the U.S. Department of Justice's efforts against ransomware and found its task force was largely ineffective. Continue Reading
By
- Arielle Waldman, News Writer
Definition 02 Oct 2024
What is Android System WebView and should you uninstall it?

Android System WebView is a system component for the Android operating system (OS) that enables Android apps to display web content directly inside an application. Continue Reading
By
- Gavin Wright
- Ben Lutkevich, Site Editor
- Madelyn Bacon, TechTarget
Podcast 30 Sep 2024
Risk & Repeat: Inside the Microsoft SFI progress report

The first Secure Future Initiative progress report highlighted improvements to Microsoft's security posture. But the company still faces major SecOps challenges. Continue Reading
By
- Rob Wright, Senior News Director
Definition 30 Sep 2024
What is WPA3 (Wi-Fi Protected Access 3)?

WPA3, also known as Wi-Fi Protected Access 3, is the third iteration of a security certification standard developed by the Wi-Fi Alliance. WPA3 is the latest updated implementation of WPA2, which has been in use since 2004. Continue Reading
By
- Gavin Wright
- Alexander S. Gillis, Technical Writer and Editor
Definition 27 Sep 2024
What is access control?

Access control is a security technique that regulates who or what can view or use resources in a computing environment. Continue Reading
By
- Gavin Wright
- Ben Lutkevich, Site Editor
News 27 Sep 2024
CUPS vulnerabilities could put Linux systems at risk

Security researcher Simone Margaritelli discovered vulnerabilities in the Common UNIX Printing System that attackers could exploit during print jobs against Linux systems. Continue Reading
By
- Arielle Waldman, News Writer
Definition 26 Sep 2024
What is ICMP (Internet Control Message Protocol)?

ICMP (Internet Control Message Protocol) is a network layer error-reporting protocol that's used to communicate data transmission problems. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
News 26 Sep 2024
Ransomware Task Force finds 73% attack increase in 2023

The Institute for Security and Technology's Ransomware Task Force says a shift to big game hunting tactics led to a significant rise in attacks last year. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Sep 2024
Arkansas City water treatment facility hit by cyberattack

While disruptions are limited, the attack on the water treatment facility highlights how the critical infrastructure sector remains a popular target for threat actors. Continue Reading
By
- Arielle Waldman, News Writer
Tutorial 24 Sep 2024
How to use tcpreplay to replay network packet files

The suite of tools that comprise tcpreplay offers administrators a variety of network security options. Learn some of the benefits of this free utility. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Tip 19 Sep 2024
DNS security best practices to implement now

DNS is a key component in any enterprise network. Auditing DNS servers and encrypting DNS traffic are just two of the steps to take to protect your organization's DNS deployment. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Podcast 19 Sep 2024
SecOps' new frontier in the remote work era: HR

A CISO shares the story of how his SOC staff caught and contained a North Korean agent posing as a software engineer, saying he hopes to raise awareness of a growing threat. Continue Reading
By
- Beth Pariseau, Senior News Writer
News 19 Sep 2024
FBI disrupts another Chinese state-sponsored botnet

The FBI said the massive botnet, which included 260,000 connected devices, was developed and operated by a publicly traded Chinese company named Integrity Technology Group. Continue Reading
By
- Rob Wright, Senior News Director
News 18 Sep 2024
Orca: AI services, models falling short on security

New research from Orca Security shows that AI services and models in cloud contain a number of risks and security shortcomings that could be exploited by threat actors. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Sep 2024
Fortinet confirms data breach, extortion demand

Fortinet confirmed that a threat actor stole data from a third-party cloud-based shared file drive, which affected a small number of customers, but many questions remain. Continue Reading
By
- Arielle Waldman, News Writer
Answer 11 Sep 2024
HTTP vs. HTTPS: What's the difference?

HTTP and HTTPS are web communication protocols. HTTP lacks security, while HTTPS encrypts data to adhere to the security standards of confidentiality, integrity and authenticity. Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 09 Sep 2024
Akira ransomware gang targeting SonicWall VPN accounts

Arctic Wolf recently observed the Akira ransomware gang compromising SonicWall SSL VPN accounts, which could be connected to a critical vulnerability in SonicOS. Continue Reading
By
- Arielle Waldman, News Writer
Definition 06 Sep 2024
What is network detection and response (NDR)?

Network detection and response (NDR) technology continuously scrutinizes network traffic to identify suspicious activity and potentially disrupt an attack. Continue Reading
By
- Michael Levan
News 06 Sep 2024
Ransomware rocked healthcare, public services in August

Ransomware remained a highly disruptive threat last month, as notable attacks claimed victims in healthcare, technology, manufacturing and the public sector. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Sep 2024
White House unveils plan to improve BGP security

The Office of the National Cyber Director has published a roadmap for internet routing security that outlines recommendations for mitigating BGP hijacking and other threats. Continue Reading
By
- Rob Wright, Senior News Director
News 03 Sep 2024
FBI: North Korean hackers targeting cryptocurrency employees

North Korean state-sponsored threat actors have been conducting successful social engineering campaigns against cryptocurrency employees over the last several months. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Aug 2024
Russia's APT29 using spyware exploits in new campaigns

A new report from Google TAG suggests that Russia's APT29 is using vulnerability exploits first developed from spyware vendors to target Mongolian government websites. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 22 Aug 2024
GuidePoint talks ransomware negotiations, payment bans

GuidePoint Security's Mark Lance discusses the current ransomware landscape and the steps that go into negotiating potential payments with cybercriminal gangs. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Aug 2024
Microchip Technology discloses cyberattack, business delays

The microprocessor manufacturer says it detected malicious activity in its network over the weekend, which disrupted business operations and impaired its ability to fulfill orders. Continue Reading
By
- Arielle Waldman, News Writer
Video 21 Aug 2024
An explanation of cybersecurity

Cybersecurity protects internet-connected systems from attacks, covering hardware, software and data. Continue Reading
By
- Tommy Everson, Assistant Editor
Definition 16 Aug 2024
What is an endpoint protection platform (EPP)?

An endpoint protection platform (EPP) is a security technology that safeguards endpoint devices. Continue Reading
By
- Sean Michael Kerner
Feature 15 Aug 2024
The 5 different types of firewalls explained

The firewall remains a core fixture in network security. But, with five types of firewalls, three firewall deployment models and multiple placement options, things can get confusing. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Tip 15 Aug 2024
How to select an MDR security service

With the threat landscape as challenging as it is, organizations are looking for reinforcements. One option is to bolster detection and response via third-party MDR services. Continue Reading
By
- Sean Michael Kerner
News 07 Aug 2024
Akamai warns enterprises that VPN attacks will only increase

During Black Hat USA 2024, Akamai's Ori David revealed new VPN post-exploitation techniques that open the attack vector to threat actors of all skill levels. Continue Reading
By
- Arielle Waldman, News Writer
Tip 07 Aug 2024
12 types of endpoint security

With the rise of remote work, mobile devices and IoT, the traditional security perimeter extends beyond corporate networks, making endpoint security crucial for organizations. Continue Reading
By
- Sean Michael Kerner
Tutorial 07 Aug 2024
Examine a captured packet using Wireshark

Wireshark is a useful tool for capturing network traffic data. Network pros can make the most of the tool by analyzing captured packets to see what that data means for troubleshooting. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 02 Aug 2024
What is endpoint security? How does it work?

Endpoint security is the protection of endpoint devices against cybersecurity threats. Continue Reading
By
- Sean Michael Kerner
News 01 Aug 2024
InfoSec community sounds off on CrowdStrike outage, next steps

Security experts offered their thoughts on the recent IT outage, praising CrowdStrike's response time but saying the outage highlights issues in the software updating process. Continue Reading
By
- Arielle Waldman, News Writer
- Alexander Culafi, Senior News Writer
News 30 Jul 2024
Microsoft: Ransomware gangs exploiting VMware ESXi flaw

VMware ESXi has proven to be a popular target for ransomware threat actors and a challenge for enterprises to patch. Continue Reading
By
- Arielle Waldman, News Writer
Feature 29 Jul 2024
How the Change Healthcare attack may affect cyber insurance

UnitedHealth's Change Healthcare attack continued to show the devastating aftermath of supply chain attacks. Experts say it could change contingent language for future policies. Continue Reading
By
- Arielle Waldman, News Writer
Definition 29 Jul 2024
What is SSH (Secure Shell) and How Does It Work?

SSH (Secure Shell or Secure Socket Shell) is a network protocol that gives users -- particularly systems administrators -- a secure way to access a computer over an unsecured network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
Tutorial 25 Jul 2024
How to use PuTTY for SSH key-based authentication

This tutorial on the open source PuTTY SSH client covers how to install it, its basic use and step-by-step instructions for configuring key-based authentication. Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 24 Jul 2024
KnowBe4 catches North Korean hacker posing as IT employee

KnowBe4 says it hired a new principal security engineer for its internal AI team, but quickly detected suspicious activity originating from the employee's workstation. Continue Reading
By
- Arielle Waldman, News Writer
Tip 24 Jul 2024
What is ERP security and why is it critical?

An ERP system is vulnerable whether it's on premises or in the cloud, and supply chain attacks continue to increase. Learn why it's important to secure your company's ERP software. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Tutorial 23 Jul 2024
Intro: How to use BlackArch Linux for pen testing

BlackArch Linux offers a lot of pen testing and security benefits, but it requires knowledgeable and independent professionals who can put the distribution to work. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Video 23 Jul 2024
WPA2 vs. WPA3

Wireless security has evolved from WEP to WPA protocols and play a pivotal role in safeguarding against cyberattacks. Continue Reading
By
- Sabrina Polin, Managing Editor
News 23 Jul 2024
Dragos: New ICS malware FrostyGoop abuses Modbus

Dragos published research Tuesday unveiling an industrial control systems-focused malware it dubbed FrostyGoop that targets Modbus to disrupt critical infrastructure. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 22 Jul 2024
Microsoft: Faulty CrowdStrike update affected 8.5M devices

Microsoft says less than 1% of all Windows machines were affected by a defective CrowdStrike Falcon update on Friday, but the disruption has been widespread. Continue Reading
By
- Arielle Waldman, News Writer
Tip 22 Jul 2024
Where to place a firewall in an enterprise network

Firewalls are a foundational element of a strong security posture, and their positioning affects both enterprise performance and cyberdefense. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Answer 19 Jul 2024
How to protect port 139 from SMB attacks

Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
By
- Michael Cobb
News 18 Jul 2024
Fin7 helps ransomware gangs with EDR bypass

SentinelOne found the Russia-based cybercriminal group is helping other threat actors, including ransomware gangs, to evade detection with a custom tool named AvNeutralizer. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Jul 2024
Ransomware gangs increasingly exploiting vulnerabilities

New research from Cisco Talos highlighted three of the most popular known vulnerabilities that were exploited by ransomware gangs for initial access during 2023 and 2024. Continue Reading
By
- Arielle Waldman, News Writer
Answer 11 Jul 2024
CASB vs. SASE: What's the difference?

CASB and SASE enhance network and SaaS application security. CASB acts as a security layer for cloud services, while SASE integrates networking and security into one framework. Continue Reading
By
- Evgeniy Kharam, EK Cyber and Media Consulting
- Dmitry Raidman, Cybeats & Security Architecture Podcast
Tip 11 Jul 2024
Understand the uses of blockchain in data centers

Blockchain is most famous for its cryptocurrency applications, but data centers can employ it for a variety of business-related reasons -- including increased security. Continue Reading
By
- Jacob Roundy
News 09 Jul 2024
Governments issue warning on China's APT40 attacks

Government agencies say APT40 continues to pose significant risk to organizations across the globe by exploiting vulnerabilities in public-facing applications. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Jul 2024
Ransomware hits CDK Global, public sector targets in June

The prevalent threat continued to cause disruptions last month as city halls were forced to close and auto dealerships faced downstream effects after an attack against CDK Global. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Jul 2024
What is a cyber attack? How they work and how to stop them

A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
Feature 01 Jul 2024
Compare 5 single-vendor SASE providers

SASE has broad enterprise appeal because it combines security and connectivity. With so many vendor options available, enterprises might need help narrowing the search. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
News 27 Jun 2024
Supply chain attacks conducted through Polyfill.io service

In February, a Chinese company named Funnell bought the Polyfill.io domain, which sparked concerns in the infosec community about potential supply chain threats. Continue Reading
By
- Arielle Waldman, News Writer
Answer 26 Jun 2024
SPF, DKIM and DMARC: What are they and how do they work together?

Internet protocols for email authentication -- SPF, DKIM and DMARC -- coordinate defense against spammers, phishing and other spoofed email problems. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Definition 25 Jun 2024
What is SIEM (Security Information and Event Management)?

Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
News 21 Jun 2024
Biden administration bans Kaspersky Lab products in US

The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
SolarWinds Serv-U vulnerability under attack

The Centre for Cybersecurity Belgium observed exploitation against CVE-2024-28995, a high-severity vulnerability in SolarWind's Serv-U file transfer product. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Jun 2024
Phoenix SecureCore UEFI firmware bug affects Intel processors

Multiple Intel processors and hundreds of PC models are potentially vulnerable to a recently disclosed vulnerability in Phoenix SecureCore UEFI firmware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 18 Jun 2024
EPAM denies link to Snowflake customer attacks

EPAM, a Belarusian software company, said an investigation found no evidence that it was connected to recent attacks against Snowflake customer databases. Continue Reading
By
- Arielle Waldman, News Writer
Definition 18 Jun 2024
DNS attack

A DNS attack is an exploit in which an attacker takes advantage of vulnerabilities in the domain name system. Continue Reading
By
- Rahul Awati
Feature 17 Jun 2024
CASB vs. CSPM vs. CWPP: Comparing cloud security tool types

Let's break down some cloud security alphabet soup. CASB, CSPM and CWPP overlap to an extent, but you'll want to pay close attention to how they accomplish different things. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Definition 13 Jun 2024
secure access service edge (SASE)

Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native security technologies and delivers them as a single cloud service. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
Definition 13 Jun 2024
Transmission Control Protocol (TCP)

Transmission Control Protocol (TCP) is a standard protocol on the internet that ensures the reliable transmission of data between devices on a network. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
News 12 Jun 2024
Black Basta might have exploited Microsoft flaw as zero-day

While investigating a ransomware attack, Symantec found evidence that suggests Black Basta threat actors exploited a Microsoft vulnerability as a zero-day. Continue Reading
By
- Arielle Waldman, News Writer
Answer 12 Jun 2024
Zero trust vs. defense in depth: What are the differences?

Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 11 Jun 2024
SASE vs. SSE: Explaining the differences

Most security professionals are familiar with secure access service edge, but now, there's a new tool for administrators to consider: security service edge. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 10 Jun 2024
Why it's SASE and zero trust, not SASE vs. zero trust

When it comes to adopting SASE or zero trust, it's not a question of either/or, but using SASE to establish and enable zero-trust network access. Continue Reading
By
- Dave Shackleford, Voodoo Security
- Mike Chapple, University of Notre Dame
Guest Post 07 Jun 2024
SASE operational pain points and how to fix them

SASE offers companies a compelling security strategy, but it takes time to ensure network teams have the visibility and management oversight they need. Continue Reading
By
- Shamus McGillicuddy, Enterprise Management Associates
Definition 07 Jun 2024
proof of concept (PoC) exploit

A proof of concept (PoC) exploit is a nonharmful attack against a computer or network. PoC exploits are not meant to cause harm, but to show security weaknesses within software. Continue Reading
By
- Kinza Yasar, Technical Writer
News 06 Jun 2024
Critical Progress Telerik vulnerability under attack

Threat actors are targeting vulnerable Progress Telerik Report Server systems just days after a proof of concept was published detailing a vulnerability exploit chain. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Jun 2024
Ransomware ravaged schools and cities in May

The public sector took the brunt of ransomware in May, while another damaging attack against a healthcare company disrupted patient access to pharmacy services. Continue Reading
By
- Arielle Waldman, News Writer
News 03 Jun 2024
Mandiant: Ransomware investigations up 20% in 2023

The cybersecurity company observed a sharp rise in activity on data leak sites in 2023 as well as an increase in ransomware actors using legitimate commercial tools during attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 30 May 2024
Law enforcement conducts 'largest ever' botnet takedown

An international law enforcement effort called 'Operation Endgame' disrupted several infamous malware loaders and botnets used by ransomware gangs and other cybercriminals. Continue Reading
By
- Arielle Waldman, News Writer
Answer 30 May 2024
Top 6 benefits of zero-trust security for businesses

The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the top six business benefits of zero trust here. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 29 May 2024
Check Point discovers vulnerability tied to VPN attacks

While Check Point identified CVE-2024-24919 as the root cause behind recent attack attempts on its VPN products, it's unclear if threat actors gained access to customer networks. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
News 28 May 2024
Check Point warns of threat actors targeting VPNs

Check Point said threat actors were targeting a small number of customers by attempting to compromise local VPN accounts that only utilized passwords for authentication. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 May 2024
How AI could bolster software supply chain security

Supply chain risks have become more complicated and continue to affect a variety of organizations, but Synopsys' Tim Mackey believes AI could help create more secure software. Continue Reading
By
- Arielle Waldman, News Writer
Definition 23 May 2024
wireless intrusion prevention system (WIPS)

A wireless intrusion prevention system (WIPS) is a dedicated security device or integrated software application that monitors a wireless local area network (WLAN) or Wi-Fi network's radio spectrum for rogue access points (APs) and other wireless threats. Continue Reading
By
- Rahul Awati
Definition 23 May 2024
virtual firewall

A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment. Continue Reading
By
- Kinza Yasar, Technical Writer
- Linda Rosencrance
News 21 May 2024
Rapid7 warns of alarming zero-day vulnerability trends

The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days. Continue Reading
By
- Arielle Waldman, News Writer
News 20 May 2024
CyberArk to acquire Venafi from Thoma Bravo for $1.5B

CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1. Continue Reading
By
- Arielle Waldman, News Writer
News 16 May 2024
What LockBitSupp charges mean for ransomware investigations

At RSA Conference 2024, Recorded Future's Allan Liska discussed evolving ransomware trends and how authorities recently exposed the LockBit ransomware group ringleader. Continue Reading
By
- Arielle Waldman, News Writer
News 16 May 2024
IBM sells QRadar SaaS assets to Palo Alto Networks

The deal with Palo Alto Networks comes one year after IBM announced QRadar Suite, an AI-enhanced security platform that combined existing SIEM and XDR products. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 May 2024
AI-driven attacks seen as chief cloud security threat

Tried and true cloud security threats are on the rise. But according to a new report from Palo Alto Networks, the specter of generative AI threats has organizations concerned. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 May 2024
SonicWall CEO talks transformation, security transparency

SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 10 May 2024
Pegasus malware

Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram. Continue Reading
By
- Andrew Zola
- Linda Rosencrance
Feature 09 May 2024
Build a resilient network: What I learned from 5 thought leaders

At the 2024 'Strategies for a Resilient Network' summit, five thought leaders shared best practices to help you achieve optimal network resiliency. Learn more. Continue Reading
By
- Natasha Carter, Director of Partnerships and Event Content
News 08 May 2024
National Security Agency warns against paying ransoms

Rob Joyce and David Luber, former and current directors of cybersecurity at the NSA, discuss how the ransomware attack on Change Healthcare exemplified the cons of paying ransoms. Continue Reading
By
- Arielle Waldman, News Writer
News 08 May 2024
White House: Threats to critical infrastructure are 'severe'

While the White House released the new National Cybersecurity Strategy last year to help combat threats to critical infrastructure organizations, attacks have continued. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2024
SentinelOne: Ransomware actors are adapting to EDR

At RSA Conference 2024, SentinelOne's Alex Stamos discussed ongoing global threats such as ransomware and how threat actors are changing their techniques. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2024
U.S. agencies continue to observe Volt Typhoon intrusions

A panel of experts at RSA Conference 2024 discussed Volt Typhoon and warned the Chinese nation-state threat group is still targeting and compromising U.S. organizations. Continue Reading
By
- Arielle Waldman, News Writer
Definition 06 May 2024
social engineering penetration testing

Social engineering penetration testing is the practice of deliberately conducting typical social engineering scams on employees to ascertain the organization's level of vulnerability to this type of exploit. Continue Reading
By
- Rahul Awati
News 06 May 2024
Cisco details Splunk security integrations, AI developments

Just two months after Cisco completed its $28 billion acquisition of analytics giant Splunk, the company added XDR capabilities into Splunk Enterprise Security. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 01 May 2024
U.S. warns of pro-Russian hacktivist attacks against OT systems

CISA calls on OT device manufacturers to implement more effective security protocols as attacks against critical infrastructure organizations continue. Continue Reading
By
- Arielle Waldman, News Writer
Definition 01 May 2024
remote access

Remote access is the ability for an authorized person to access a computer or network from a geographical distance through a network connection. Continue Reading
By
- Paul Kirvan
- TechTarget Contributor
News 30 Apr 2024
Change Healthcare breached via Citrix portal with no MFA

UnitedHealth Group CEO Andrew Witty's opening statement for Wednesday's congressional hearing shed more light on the ransomware attack against Change Healthcare. Continue Reading
By
- Arielle Waldman, News Writer
Tip 30 Apr 2024
How SASE convergence affects organizational silos

Most enterprises have siloed departments, but SASE's convergence of network and security functions is disrupting those constructs and driving the need for more team communication. Continue Reading
By
- John Cavanaugh, BlueAlly
Definition 25 Apr 2024
disaster recovery (DR)

Disaster recovery (DR) is an organization's ability to respond to and recover from an event that negatively affects business operations. Continue Reading
By
- Kinza Yasar, Technical Writer
- Erin Sullivan, Senior Site Editor
- Paul Crocetti, Executive Editor
News 25 Apr 2024
Dymium scares ransomware attacks with honeypot specters

Dymium, a security startup that recently emerged from stealth, offers ransomware defense for data stores with a network of honeypot traps for spoofing attackers. Continue Reading
By
- Tim McCarthy, News Writer