Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

Tip 18 Oct 2024
How to prevent DDoS attacks

Organizations have many methods they can use to prevent DDoS attacks, including increasing bandwidth and server scalability, rate limiting and using a web application firewall. Continue Reading
By
- Ravi Das, ML Tech Inc.
News 17 Oct 2024
DOJ charges alleged Anonymous Sudan ringleaders

Two Sudanese brothers are accused of leading the cybercriminal group that caused significant damage to healthcare organizations as well as other high-profile victims. Continue Reading
By
- Arielle Waldman, News Writer

Definition 04 Oct 2023
What is ransomware? How it works and how to remove it

Ransomware is a type of malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
News 03 Oct 2023
Ransomware disrupts hospitality, healthcare in September

Ransomware disclosures and reports last month were headlined by attacks on MGM Resorts and Caesars Entertainment, which proved costly to the Las Vegas hospitality giants. Continue Reading
By
- Arielle Waldman, News Writer
Definition 03 Oct 2023
security posture

Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats. Continue Reading
By
- Cameron Hashemi-Pour, Site Editor
- Linda Rosencrance
Definition 02 Oct 2023
ISO 31000 Risk Management

The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Brien Posey
Opinion 02 Oct 2023
Transitioning to single-vendor SASE will take time

New Enterprise Strategy Group research reveals enterprises are interested in single-vendor SASE -- but with multiple tools on hand, the transition will take planning and time. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 29 Sep 2023
How to use Wireshark to sniff and scan network traffic

Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list. Continue Reading
By
- Ed Moyle, Drake Software
News 28 Sep 2023
US, Japan warn China-linked 'BlackTech' targeting routers

CISA said BlackTech has targeted Cisco and other router makers by using a variety of tools and techniques to modify and even replace devices' firmware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Sep 2023
Cisco patches zero-day vulnerability under attack

Cisco said its Advanced Security Initiatives Group discovered the zero-day flaw while investigating attempted attacks on the vendor's Group Encrypted Transport VPN feature. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Sep 2023
Dallas doles out $8.5M to remediate May ransomware attack

The city of Dallas provided a detailed attack timeline that showed Royal threat actors compromised a service account a month before ransomware was deployed. Continue Reading
By
- Arielle Waldman, News Writer
Tutorial 22 Sep 2023
How to disable removable media access with Group Policy

Removable media can pose serious security problems. But there is a way to control who has access to optical disks and USB drives through Windows' Active Directory. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 21 Sep 2023
DNS over HTTPS (DoH)

DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session. Continue Reading
By
- Brien Posey
News 20 Sep 2023
Okta: Caesars, MGM hacked in social engineering campaign

Identity management vendor Okta had previously disclosed that four unnamed customers had fallen victim to a social engineering campaign that affected victims' MFA protections. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Sep 2023
Cyber insurance report shows surge in ransomware claims

Coalition's H1 2023 report shows ransomware activity increased and severity reached "historic" highs as businesses lost an average of more than $365,000 following an attack. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 19 Sep 2023
Risk & Repeat: MGM, Caesars casino hacks disrupt Las Vegas

This podcast episode compares the cyber attacks suffered by casino giants MGM Resorts and Caesars Entertainment in recent weeks and the fallout from them. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Sep 2023
Caesars Entertainment breached in social engineering attack

Caesars said it took steps after the breach to "ensure that the stolen data is deleted by the unauthorized actor," suggesting it paid a ransom to the attackers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Sep 2023
Palo Alto Networks: 80% of security exposures exist in cloud

It's no surprise that organizations struggle with cloud security, but a new report reveals an alarming split between cloud and on-premise security exposures. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Sep 2023
Browser companies patch critical zero-day vulnerability

While attack details remain unknown, Chrome, Edge and Firefox users are being urged to update their browsers as an exploit for CVE-2023-4863 lurks in the wild. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Sep 2023
Cisco VPN flaw faces attempted Akira ransomware attacks

Cisco said it became aware of 'attempted exploitation' last month and referenced an Aug. 24 security advisory saying its VPNs were under attack by the Akira ransomware gang. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Sep 2023
How Storm-0558 hackers stole an MSA key from Microsoft

Microsoft detailed a series of errors that led to a consumer account signing key accidentally being included in a crash dump that was later accessed by Storm-0558 actors. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Sep 2023
Ransomware attacks on education sector spike in August

While data breach notifications for MoveIt Transfer customers continued to rise, August also saw ransomware ramp up against schools and universities as classes resumed. Continue Reading
By
- Arielle Waldman, News Writer
News 30 Aug 2023
FBI, Justice Department dismantle Qakbot malware

The FBI operation, one of the largest U.S.-led botnet disruption efforts ever, included international partners such as France, Germany, the Netherlands and the United Kingdom. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 29 Aug 2023
Microsoft Teams attack exposes collab platform security gaps

Criminal and state-sponsored hackers are ramping up cyberattacks on instant messaging platforms and other workplace collaboration tools. Meanwhile, enterprises' readiness lags. Continue Reading
By
- Shaun Sutner, News Director
News 29 Aug 2023
Mandiant reveals new backdoors used in Barracuda ESG attacks

Further investigations show threat actors were prepared for Barracuda Networks' remediation efforts, including an action notice to replace all compromised devices. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Aug 2023
FBI: Suspected Chinese actors continue Barracuda ESG attacks

The alert comes after Barracuda Networks issued an advisory stating that patches for CVE-2023-2868 were insufficient and all affected ESG devices need to be replaced. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Aug 2023
Sophos: RDP played a part in 95% of attacks in H1 2023

While Sophos observed increasing activity around Active Directory and Remote Desktop Protocol abuse, it recommended simple mitigation steps can limit the attack surface. Continue Reading
By
- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
Definition 23 Aug 2023
network vulnerability scanning

Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points. Continue Reading
By
- Kinza Yasar, Technical Writer
News 17 Aug 2023
CISA, vendors warn Citrix ShareFile flaw under attack

A vulnerability in the managed file transfer product that enterprises use is being actively exploited two months after Citrix released a fix. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Aug 2023
Onapsis researchers detail new SAP security threats

At Black Hat 2023, Onapsis researchers demonstrated how attackers could chain a series of SAP vulnerabilities impacting the P4 protocol to gain root access to a target network. Continue Reading
By
- Arielle Waldman, News Writer
Tip 09 Aug 2023
Types of Nmap scans and best practices

Nmap scanning helps network teams with network reconnaissance and vulnerability discovery. Common types of scans include TCP SYN, OS detection, vulnerability and version detection. Continue Reading
By
- Verlaine Muhungu
Definition 07 Aug 2023
IoT security (internet of things security)

IoT security (internet of things security) is the technology segment focused on safeguarding connected devices and networks in IoT. Continue Reading
By
- Kinza Yasar, Technical Writer
- Sharon Shea, Executive Editor
- Ivy Wigmore
News 03 Aug 2023
MoveIt Transfer attacks dominate July ransomware disclosures

Traditional ransomware attacks took a back seat last month, as Clop operators continued to claim victims from the zero-day attacks on MoveIt Transfer customers. Continue Reading
By
- Arielle Waldman, News Writer
Tip 01 Aug 2023
Top 5 benefits of SASE to enhance network security

A cloud-based distributed architecture, centralized management and endpoint-specific security policies are just some of the benefits of Secure Access Service Edge. Continue Reading
By
- Terry Slattery, NetCraftsmen
News 27 Jul 2023
Google: 41 zero-day vulnerabilities exploited in 2022

While attackers increasingly exploited zero-day flaws last year, one of the most notable findings from the report emphasized how inadequate patches led to new variants. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Jul 2023
Thoma Bravo sells Imperva to Thales Group for $3.6B

With the acquisition, Thales looks to expand its Digital Security and Identity business with an increased focus on protecting web applications and API. Continue Reading
By
- Arielle Waldman, News Writer
Tip 25 Jul 2023
5 steps to approach BYOD compliance policies

It can be difficult to ensure BYOD endpoints are compliant because IT can't configure them before they ship to users. Admins must enforce specific policies to make up for this. Continue Reading
By
- Will Kelly
- Mike Chapple, University of Notre Dame
News 20 Jul 2023
Cyber insurers adapting to data-centric ransomware threats

Cyber insurance carriers and infosec vendors weigh in on how the shift in ransomware tactics is affecting policies and coverage, presenting challenges for enterprises. Continue Reading
By
- Arielle Waldman, News Writer
News 17 Jul 2023
Microsoft still investigating stolen MSA key from email attacks

While Microsoft provided additional attack details and techniques used by Storm-0558, it remains unclear how the Microsoft account signing key was acquired. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Jul 2023
Microsoft: Government agencies breached in email attacks

While Microsoft mitigated the attacks and found no evidence of further access beyond the email accounts, the Outlook breaches raised questions for the software giant. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Jul 2023
Russia-based actor exploited unpatched Office zero day

Microsoft investigated an ongoing phishing campaign that leverages Word documents to deliver malicious attachments to targeted organizations in the U.S. and Europe. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 11 Jul 2023
Risk & Repeat: How bad is Clop's MoveIt Transfer campaign?

Clop's data theft and extortion campaign against MoveIt Transfer customers marks some of the most high-profile threat activity this year, but its success level remains unclear. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 Jul 2023
TPG Capital acquires Forcepoint's government unit for $2.45B

Forcepoint's Global Governments and Critical Infrastructure unit will operate independently under TPG, while the commercial business will remain at Francisco Partners. Continue Reading
By
- Arielle Waldman, News Writer
Feature 10 Jul 2023
Wi-Fi AP placement best practices and security policies

From a security standpoint, Wi-Fi network designers should consider the physical and logical placement of APs, as well as management, segmentation and rogue devices. Continue Reading
By
- Lee Badman
Definition 07 Jul 2023
bridge

A bridge is a class of network device designed to connect networks at OSI Level 2, which is the data link layer of a local area network. Continue Reading
By
- Tom Nolle, Andover Intel
Definition 07 Jul 2023
network intrusion protection system (NIPS)

A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. Continue Reading
By
- Paul Kirvan
News 05 Jul 2023
June saw flurry of ransomware attacks on education sector

As the school year culminated, ransomware attacks surged across K-12 schools and universities, causing class disruptions and putting sensitive data at risk. Continue Reading
By
- Arielle Waldman, News Writer
Tutorial 05 Jul 2023
3 ways to troubleshoot using Wireshark and tcpdump

Protocol analyzer tools, such as Wireshark and tcpdump, can help network administrators identify protocols in the network, analyze network performance and discover network devices. Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 28 Jun 2023
DDoS attacks surging behind new techniques, geopolitical goals

A rise in massive DDoS attacks, some of which target the application layer and cause significant disruptions, might require new defense strategies from cybersecurity vendors. Continue Reading
By
- Arielle Waldman, News Writer
News 27 Jun 2023
Censys finds hundreds of exposed devices in federal orgs

Censys found exposed instances of Progress Software's MoveIt Transfer and Barracuda Networks' Email Security Gateway appliances during its analysis of FCEB agency networks. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Jun 2023
Critical VMware Aria Operations bug under active exploitation

Reports of exploitation for a critical command injection flaw in VMware Aria Operations for Networks came roughly a week after a researcher published a proof-of-concept for it. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 21 Jun 2023
Nessus

Nessus is a platform developed by Tenable that scans for security vulnerabilities in devices, applications, operating systems, cloud services and other network resources. Continue Reading
By
- Rahul Awati
News 21 Jun 2023
May ransomware activity rises behind 8base, LockBit gangs

LockBit was the most active group last month, but NCC Group researchers were surprised by 8base, which started listing victims from attacks that occurred beginning in April 2022. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 20 Jun 2023
Risk & Repeat: More victims emerge from MoveIt Transfer flaw

CISA last week said several federal agencies suffered data breaches resulting from a MoveIt Transfer zero-day vulnerability, though it's unclear what type of data was stolen. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 19 Jun 2023
Microsoft: DDoS attacks caused M365, Azure disruptions

Microsoft confirmed widespread service disruptions earlier this month were caused by layer 7 DDoS attacks by a threat group it identified as Storm-1359. Continue Reading
By
- Arielle Waldman, News Writer
Tip 16 Jun 2023
Use IoT hardening to secure vulnerable connected devices

IoT and industrial IoT innovation continue to thrive, but IoT device security continues to be an afterthought. Companies should harden connected devices to remain protected. Continue Reading
By
- Michael Cobb
Podcast 15 Jun 2023
Risk & Repeat: Mandiant sheds light on Barracuda ESG attacks

Barracuda Networks attempted to fix the critical ESG zero-day vulnerability, but a Chinese nation-state threat actor was able to maintain access on compromised devices. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Jun 2023
Chinese nation-state actor behind Barracuda ESG attacks

Mandiant said the zero-day attacks on Barracuda Email Security Gateway appliances were part of a 'wide-ranging campaign in support of the People's Republic of China.' Continue Reading
By
- Arielle Waldman, News Writer
Opinion 14 Jun 2023
Cisco releases new security offerings at Cisco Live 2023

At Cisco Live 2023, Cisco emphasized its plans to emphasize security, rolling out a host of new initiatives from secure access to AI-aided security to cloud-native app security. Continue Reading
By
- Melinda Marks, Practice Director
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 13 Jun 2023
Fortinet warns critical VPN vulnerability 'may' be under attack

Fortinet said the heap buffer overflow flaw might have been exploited already and warned that Chinese nation-state threat group Volt Typhoon would likely attack the vulnerability. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Jun 2023
Barracuda: Replace vulnerable ESG devices 'immediately'

Customers with email security gateway appliances affected by a recent zero-day flaw, CVE-2023-2868, are being urged to replace devices, even if the hardware has been patched. Continue Reading
By
- Arielle Waldman, News Writer
Tip 07 Jun 2023
6 blockchain use cases for cybersecurity

Is blockchain secure by design, or should blockchains be designed for security? Learn more through these six security and privacy use cases for blockchain. Continue Reading
By
- Jessica Groopman, Kaleido Insights
News 06 Jun 2023
Ransomware takes down multiple municipalities in May

City and local governments experienced severe disruptions to public services due to ransomware attacks in May, particularly from the Royal ransomware group. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Jun 2023
security analytics

Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring. Continue Reading
By
- Linda Rosencrance
News 01 Jun 2023
Zyxel vulnerability under 'widespread exploitation'

Researchers warn that threat actors are widely exploiting an unauthenticated command injection vulnerability to target multiple Zyxel network devices. Continue Reading
By
- Alexis Zacharakos
Definition 01 Jun 2023
NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)

The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers. Continue Reading
By
- Linda Rosencrance
News 01 Jun 2023
Mitiga warns free Google Drive license lacks logging visibility

The ability to view logs is critical for enterprises to detect and attribute malicious activity. Mitiga said the Google Drive issue allows data exfiltration without a trace. Continue Reading
By
- Arielle Waldman, News Writer
News 31 May 2023
Barracuda zero-day bug exploited months prior to discovery

Barracuda said a zero-day flaw used to target its email security gateway appliance customers is a remote command injection vulnerability exploited since at least October 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 31 May 2023
Many Gigabyte PC models affected by major supply chain issue

Eclypsium researchers say the insecure implementation of PC hardware manufacturer Gigabyte's App Center could potentially result in supply chain attacks. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 31 May 2023
An overview of 802.1X authentication methods and EAP

Enterprises use 802.1X authentication to manage their wireless LANs, and that process relies on the Extensible Authentication Protocol and its various types. Continue Reading
By
- Jennifer English, Executive Editor
- Lisa Phifer, Core Competence
News 25 May 2023
Chinese hackers targeting U.S. critical infrastructure

Microsoft uncovered a Chinese nation-state threat group that is compromising Fortinet FortiGuard devices to gain access to critical infrastructure entities in the U.S. and Guam. Continue Reading
By
- Arielle Waldman, News Writer
News 24 May 2023
Updated 'StopRansomware Guide' warns of shifting tactics

CISA's updates to the 'StopRansomware Guide' address shifts in the threat landscape as more threat actors skip the encryption step and focus on data theft and extortion. Continue Reading
By
- Arielle Waldman, News Writer
News 24 May 2023
Barracuda discloses zero-day flaw affecting ESG appliances

Barracuda Networks said threat actors exploited the zero-day to gain 'unauthorized access to a subset of email gateway appliances,' though it did not say how many. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 23 May 2023
Threat actors leverage kernel drivers in new attacks

Fortinet detailed a campaign using a malicious driver in attacks against organizations in the Middle East, and Trend Micro detailed a driver-based attack by BlackCat ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 22 May 2023
Iowa hospital discloses breach following Royal ransomware leak

Clarke County Hospital revealed that it took network services offline after an attack in April, but did not address the reported data leak by the Royal ransomware gang. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 22 May 2023
Follow a 6-phase roadmap to secure cyber-physical systems

Cyber-physical systems help bridge the digital world with the physical world, but they introduce cybersecurity risks that must be addressed. Continue Reading
By
- Katell Thielemann
News 18 May 2023
Gentex confirms data breach by Dunghill ransomware actors

The Dunghill ransomware gang last month claimed responsibility for an attack against Gentex Corporation, which confirmed this week that it suffered a breach several months ago. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 May 2023
4 key unified communications security threats to watch for

Keeping your unified communications system safe requires tools that are specifically geared to voice and video apps. Learn how to take a multilayered approach to UC security. Continue Reading
By
- Kevin Tolly, The Tolly Group
News 16 May 2023
Chinese APT exploits TP-Link router firmware via implant

Check Point Software Technologies said the malicious implant, which it attributed to Chinese APT "Camaro Dragon," was firmware agnostic and could be used against other vendors. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 May 2023
Coalition: Employee actions are driving cyber insurance claims

After analyzing cyber insurance claims data, Coalition determined that phishing escalated in 2022, ransomware dropped and timely patching remained a consistent problem. Continue Reading
By
- Arielle Waldman, News Writer
News 08 May 2023
Western Digital confirms ransomware actors stole customer data

Western Digital issued an update late Friday that confirmed customer data was stolen in an attack for which Alphv ransomware actors claimed responsibility. Continue Reading
By
- Arielle Waldman, News Writer
Feature 05 May 2023
How to start handling Azure network security

Before adopting Microsoft Azure, it's important to consider how to secure the cloud network. That's where network security groups and Azure Firewall come in. Continue Reading
By
- Kyle Johnson, Technology Editor
News 04 May 2023
Ransomware gangs display ruthless extortion tactics in April

Ransomware groups are pressuring enterprises into paying with harsher extortion tactics, contacting individual victims directly and leaking stolen photos and video footage. Continue Reading
By
- Arielle Waldman, News Writer
Tip 04 May 2023
Review the components of VMware SASE Platform

VMware SASE Platform provides many strong networking and security capabilities, but it comes in an offering that feels like many individual products packaged together. Continue Reading
By
- Steve Garson, SD-WAN Experts
Tip 28 Apr 2023
The pros and cons of VPNs for enterprises

VPNs use different protocols and encryption to protect data and prevent unauthorized users from accessing company resources. But those protocols come with their own benefits and challenges. Continue Reading
By
- David Jacobs, The Jacobs Group
Definition 26 Apr 2023
cloaking

Cloaking is a technique where a different version of web content is returned to users than to the search engine crawlers. Continue Reading
By
- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
News 25 Apr 2023
Google, Mandiant highlight top threats, evolving adversaries

Enterprises are struggling to keep up as adversary groups improve tactics. But one of the most difficult groups to defend against, according to Google and Mandiant, was a surprise. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Apr 2023
Point32Health confirms service disruption due to ransomware

A ransomware attack interrupted access to services provided by one of New England's largest healthcare insurers, though the scope of affected customers and data remains unknown. Continue Reading
By
- Arielle Waldman, News Writer
Definition 19 Apr 2023
cloud workload protection

Cloud workload protection is the safeguarding of workloads spread out across multiple cloud environments. Businesses that use public and private clouds can use cloud workload protection platforms to help defend themselves against cyber attacks. Continue Reading
By
- Ian Palmer
Definition 19 Apr 2023
firewall

A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
Definition 14 Apr 2023
CDN (content delivery network)

A CDN (content delivery network), also called a content distribution network, is a group of geographically distributed and interconnected servers. Continue Reading
By
- Kinza Yasar, Technical Writer
News 12 Apr 2023
Nokoyawa ransomware exploits Windows CLFS zero-day

The Nokoyawa ransomware attacks highlight the growing use of zero-day exploits by a variety of threat groups, including financially motivated cybercriminals. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Apr 2023
Recorded Future launches OpenAI GPT model for threat intel

The new OpenAI GPT model was trained on Recorded Future's large data set and interprets evidence to help support enterprises struggling with cyberdefense. Continue Reading
By
- Arielle Waldman, News Writer
Tip 11 Apr 2023
SD-WAN vs. VPN: How do they compare?

When comparing SD-WAN and VPN, enterprises choosing between the two technologies should consider factors like cost, management and routing intelligence. Continue Reading
By
- Robert Sturt, Netify
Definition 06 Apr 2023
war driving (access point mapping)

War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks (WLANs) while driving around a city or elsewhere. Continue Reading
By
- Rahul Awati
News 05 Apr 2023
42% of IT leaders told to maintain breach confidentiality

While transparency and prompt reporting are important steps following an attack, Bitdefender found that many IT professionals were told to maintain confidentiality after a breach. Continue Reading
By
- Arielle Waldman, News Writer
Feature 05 Apr 2023
ICS kill chain: Adapting the cyber kill chain to ICS environments

As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
By
- Sharon Shea, Executive Editor
- Packt Publishing
Feature 05 Apr 2023
An intro to the IDMZ, the demilitarized zone for ICSes

Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 05 Apr 2023
Reinforce industrial control system security with ICS monitoring

Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
By
- Sharon Shea, Executive Editor
News 04 Apr 2023
March ransomware disclosures spike behind Clop attacks

The Clop ransomware gang claimed responsibility for several disclosed ransomware attacks on major enterprises, which stemmed from a zero-day flaw in Fortra's GoAnywhere software. Continue Reading
By
- Arielle Waldman, News Writer
Definition 03 Apr 2023
Temporal Key Integrity Protocol (TKIP)

Temporal Key Integrity Protocol (TKIP) is an encryption protocol included in the Institute of Electrical and Electronics Engineers (IEEE) 802.11i standard for wireless local area networks (WLANs). Continue Reading
By
- Rahul Awati
Definition 23 Mar 2023
cyber espionage

Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government entity. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor