Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
Tip
12 Dec 2024
9 identity and access management trends to watch in 2025
Identity threats continue to change and so, too, do the defenses developed to address those security challenges. Be ready for what's coming next in IAM. Continue Reading
By- Phil Sweeney, Industry Editor
-
News
10 Dec 2024
Citrix NetScaler devices targeted in brute force campaign
Citrix advised NetScaler customers to ensure that their devices are fully updated and properly configured to defend against the recent spike in brute force attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
29 Nov 2023
Okta: Support system breach affected all customers
Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Nov 2023
Europol, Ukraine police arrest alleged ransomware ringleader
Europol and Ukraine's National Police arrested the alleged leader of a ransomware gang last week, along with four accomplices, dismantling the cybercrime group. Continue Reading
By- Arielle Waldman, News Writer
-
News
16 Nov 2023
CISA, FBI issue alert for ongoing Scattered Spider activity
The government advisory follows several high-profile attacks attributed to Scattered Spider, which uses advanced social engineering techniques like SIM swapping. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
16 Nov 2023
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the U.S. Department of the Treasury's Automated Clearing House financial transaction network. Continue Reading
By -
News
15 Nov 2023
LockBit observed exploiting critical 'Citrix Bleed' flaw
The Financial Services Information Sharing and Analysis Center warned that LockBit ransomware actors are exploiting CVE-2023-4966, also known as Citrix Bleed. Continue Reading
By- Arielle Waldman, News Writer
-
News
15 Nov 2023
VMware discloses critical, unpatched Cloud Director bug
A manual workaround is currently available for a critical VMware Cloud Director Appliance flaw, tracked as CVE-2023-34060, but no patch is available at press time. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
13 Nov 2023
SD-WAN deployments feed SASE network and security convergence
Enterprise Strategy Group's Bob Laliberte discusses the latest findings in his newly released report and why SD-WAN's direct cloud connectivity feeds SASE business initiatives. Continue Reading
By- Ron Karjian, Industry Editor
-
Definition
09 Nov 2023
crisis communication
Crisis communication is a strategic approach to corresponding with people and organizations during a disruptive event. Continue Reading
By- Rahul Awati
- Paul Crocetti, Executive Editor
-
Tip
07 Nov 2023
7 useful hardware pen testing tools
Penetration testers use a variety of hardware to conduct security assessments, including a powerful laptop, Raspberry Pi, Rubber Ducky and more. Continue Reading
By -
News
06 Nov 2023
Ransomware continues to rise in October across all sectors
Ransomware disclosures and reports surged last month, leading in some cases to bankruptcy filing, prolonged business disruptions and ambulance diversions for hospitals. Continue Reading
By- Arielle Waldman, News Writer
-
News
31 Oct 2023
SEC charges SolarWinds for security failures, fraud
The SEC accused SolarWinds and CISO Timothy Brown of hiding known cybersecurity risks that were further highlighted by the supply chain attack revealed in 2020. Continue Reading
By- Arielle Waldman, News Writer
-
News
31 Oct 2023
Dual ransomware attacks on the rise, but causes are unclear
While the FBI warned enterprises of an increase in dual ransomware attacks, infosec experts said there's insufficient data to consider the threat a trend. Continue Reading
By- Arielle Waldman, News Writer
-
News
26 Oct 2023
NCC Group details 153% spike in September ransomware attacks
NCC Group analysts warned the significant year-over-year increase will likely continue. Organizations may see 4,000 ransomware attacks by the end of 2023. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Oct 2023
1Password stops attack linked to Okta breach
1Password said a threat actor used a HAR file stolen in the recent Okta breach to access the password manager's Okta tenant, but the activity was detected and blocked. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
20 Oct 2023
What to know about UDP vulnerabilities and security
UDP is a simple protocol, but it has inherent vulnerabilities that make it prone to attacks, such as limited packet verification, IP spoofing and DDoS attacks. Continue Reading
By- David Jacobs, The Jacobs Group
-
News
19 Oct 2023
North Korean hackers exploit critical TeamCity vulnerability
While a patch is available, Microsoft and JetBrains confirmed TeamCity users have been compromised in attacks that leverage CVE-2023-42793 as an initial attack vector. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
19 Oct 2023
Cloud-native firewalls are the next step in network security
The network security challenges associated with cloud provider and virtual firewalls are leading to third parties introducing cloud-native firewalls. Continue Reading
By- John Grady, Principal Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Definition
18 Oct 2023
antispoofing
Antispoofing is a technique for identifying and dropping packets that have a false source address. Continue Reading
By- Paul Kirvan
- Sharon Shea, Executive Editor
-
Feature
17 Oct 2023
10 cybersecurity experts to follow on social media
Cybersecurity experts provide valuable insights into the security landscape. Follow this curated list of recognized authorities to stay informed and safeguard your digital assets. Continue Reading
By- Kinza Yasar, Technical Writer
-
Podcast
12 Oct 2023
Risk & Repeat: Rapid Reset and the future of DDoS attacks
This podcast episode covers the record-breaking DDoS attack Rapid Reset, why it stands out among other DDoS campaigns and whether it will be widely replicated in the future. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
10 Oct 2023
'Rapid Reset' DDoS attacks exploiting HTTP/2 vulnerability
Cloudflare said the Rapid Reset DDoS attack was three times larger than the attack it had on record. Google similarly called it 'the largest DDoS attack to date.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
10 Oct 2023
Security posture management a huge challenge for IT pros
Enterprise Strategy Group's John Oltsik explains why executing security hygiene and posture management at scale remains an uphill battle for organizations, despite automation. Continue Reading
By- Linda Tucci, Industry Editor -- CIO/IT Strategy
-
News
06 Oct 2023
MGM faces $100M loss from ransomware attack
MGM's 8-K filing revealed some personal customer data was stolen during the September attack and said the company expects cyber insurance to sufficiently cover the losses. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
05 Oct 2023
Microsoft Schannel (Microsoft Secure Channel)
The Microsoft Secure Channel, or Schannel, is a security support package that facilitates the use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption on Windows platforms. Continue Reading
By- Madelyn Bacon, TechTarget
-
Definition
04 Oct 2023
What is ransomware? How it works and how to remove it
Ransomware is a type of malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment. Continue Reading
By- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
-
News
03 Oct 2023
Ransomware disrupts hospitality, healthcare in September
Ransomware disclosures and reports last month were headlined by attacks on MGM Resorts and Caesars Entertainment, which proved costly to the Las Vegas hospitality giants. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
03 Oct 2023
security posture
Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Linda Rosencrance
-
Definition
02 Oct 2023
ISO 31000 Risk Management
The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Brien Posey
-
Opinion
02 Oct 2023
Transitioning to single-vendor SASE will take time
New Enterprise Strategy Group research reveals enterprises are interested in single-vendor SASE -- but with multiple tools on hand, the transition will take planning and time. Continue Reading
By- John Grady, Principal Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
29 Sep 2023
How to use Wireshark to sniff and scan network traffic
Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list. Continue Reading
By- Ed Moyle, Drake Software
-
News
28 Sep 2023
US, Japan warn China-linked 'BlackTech' targeting routers
CISA said BlackTech has targeted Cisco and other router makers by using a variety of tools and techniques to modify and even replace devices' firmware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
28 Sep 2023
Cisco patches zero-day vulnerability under attack
Cisco said its Advanced Security Initiatives Group discovered the zero-day flaw while investigating attempted attacks on the vendor's Group Encrypted Transport VPN feature. Continue Reading
By- Arielle Waldman, News Writer
-
News
25 Sep 2023
Dallas doles out $8.5M to remediate May ransomware attack
The city of Dallas provided a detailed attack timeline that showed Royal threat actors compromised a service account a month before ransomware was deployed. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
22 Sep 2023
How to disable removable media access with Group Policy
Removable media can pose serious security problems. But there is a way to control who has access to optical disks and USB drives through Windows' Active Directory. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Definition
21 Sep 2023
DNS over HTTPS (DoH)
DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session. Continue Reading
By -
News
20 Sep 2023
Okta: Caesars, MGM hacked in social engineering campaign
Identity management vendor Okta had previously disclosed that four unnamed customers had fallen victim to a social engineering campaign that affected victims' MFA protections. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Sep 2023
Cyber insurance report shows surge in ransomware claims
Coalition's H1 2023 report shows ransomware activity increased and severity reached "historic" highs as businesses lost an average of more than $365,000 following an attack. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
19 Sep 2023
Risk & Repeat: MGM, Caesars casino hacks disrupt Las Vegas
This podcast episode compares the cyber attacks suffered by casino giants MGM Resorts and Caesars Entertainment in recent weeks and the fallout from them. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Sep 2023
Caesars Entertainment breached in social engineering attack
Caesars said it took steps after the breach to "ensure that the stolen data is deleted by the unauthorized actor," suggesting it paid a ransom to the attackers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Sep 2023
Palo Alto Networks: 80% of security exposures exist in cloud
It's no surprise that organizations struggle with cloud security, but a new report reveals an alarming split between cloud and on-premise security exposures. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Sep 2023
Browser companies patch critical zero-day vulnerability
While attack details remain unknown, Chrome, Edge and Firefox users are being urged to update their browsers as an exploit for CVE-2023-4863 lurks in the wild. Continue Reading
By- Arielle Waldman, News Writer
-
News
11 Sep 2023
Cisco VPN flaw faces attempted Akira ransomware attacks
Cisco said it became aware of 'attempted exploitation' last month and referenced an Aug. 24 security advisory saying its VPNs were under attack by the Akira ransomware gang. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
07 Sep 2023
How Storm-0558 hackers stole an MSA key from Microsoft
Microsoft detailed a series of errors that led to a consumer account signing key accidentally being included in a crash dump that was later accessed by Storm-0558 actors. Continue Reading
By- Arielle Waldman, News Writer
-
News
05 Sep 2023
Ransomware attacks on education sector spike in August
While data breach notifications for MoveIt Transfer customers continued to rise, August also saw ransomware ramp up against schools and universities as classes resumed. Continue Reading
By- Arielle Waldman, News Writer
-
News
30 Aug 2023
FBI, Justice Department dismantle Qakbot malware
The FBI operation, one of the largest U.S.-led botnet disruption efforts ever, included international partners such as France, Germany, the Netherlands and the United Kingdom. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
29 Aug 2023
Microsoft Teams attack exposes collab platform security gaps
Criminal and state-sponsored hackers are ramping up cyberattacks on instant messaging platforms and other workplace collaboration tools. Meanwhile, enterprises' readiness lags. Continue Reading
By- Shaun Sutner, News Director
-
News
29 Aug 2023
Mandiant reveals new backdoors used in Barracuda ESG attacks
Further investigations show threat actors were prepared for Barracuda Networks' remediation efforts, including an action notice to replace all compromised devices. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Aug 2023
FBI: Suspected Chinese actors continue Barracuda ESG attacks
The alert comes after Barracuda Networks issued an advisory stating that patches for CVE-2023-2868 were insufficient and all affected ESG devices need to be replaced. Continue Reading
By- Arielle Waldman, News Writer
-
News
23 Aug 2023
Sophos: RDP played a part in 95% of attacks in H1 2023
While Sophos observed increasing activity around Active Directory and Remote Desktop Protocol abuse, it recommended simple mitigation steps can limit the attack surface. Continue Reading
By- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
-
Definition
23 Aug 2023
network vulnerability scanning
Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points. Continue Reading
By- Kinza Yasar, Technical Writer
-
News
17 Aug 2023
CISA, vendors warn Citrix ShareFile flaw under attack
A vulnerability in the managed file transfer product that enterprises use is being actively exploited two months after Citrix released a fix. Continue Reading
By- Arielle Waldman, News Writer
-
News
09 Aug 2023
Onapsis researchers detail new SAP security threats
At Black Hat 2023, Onapsis researchers demonstrated how attackers could chain a series of SAP vulnerabilities impacting the P4 protocol to gain root access to a target network. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
09 Aug 2023
Types of Nmap scans and best practices
Nmap scanning helps network teams with network reconnaissance and vulnerability discovery. Common types of scans include TCP SYN, OS detection, vulnerability and version detection. Continue Reading
-
Definition
07 Aug 2023
IoT security (internet of things security)
IoT security (internet of things security) is the technology segment focused on safeguarding connected devices and networks in IoT. Continue Reading
By- Kinza Yasar, Technical Writer
- Sharon Shea, Executive Editor
- Ivy Wigmore
-
News
03 Aug 2023
MoveIt Transfer attacks dominate July ransomware disclosures
Traditional ransomware attacks took a back seat last month, as Clop operators continued to claim victims from the zero-day attacks on MoveIt Transfer customers. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
01 Aug 2023
Top 5 benefits of SASE to enhance network security
A cloud-based distributed architecture, centralized management and endpoint-specific security policies are just some of the benefits of Secure Access Service Edge. Continue Reading
By- Terry Slattery, NetCraftsmen
-
News
27 Jul 2023
Google: 41 zero-day vulnerabilities exploited in 2022
While attackers increasingly exploited zero-day flaws last year, one of the most notable findings from the report emphasized how inadequate patches led to new variants. Continue Reading
By- Arielle Waldman, News Writer
-
News
25 Jul 2023
Thoma Bravo sells Imperva to Thales Group for $3.6B
With the acquisition, Thales looks to expand its Digital Security and Identity business with an increased focus on protecting web applications and API. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
25 Jul 2023
5 steps to approach BYOD compliance policies
It can be difficult to ensure BYOD endpoints are compliant because IT can't configure them before they ship to users. Admins must enforce specific policies to make up for this. Continue Reading
By- Will Kelly
- Mike Chapple, University of Notre Dame
-
News
20 Jul 2023
Cyber insurers adapting to data-centric ransomware threats
Cyber insurance carriers and infosec vendors weigh in on how the shift in ransomware tactics is affecting policies and coverage, presenting challenges for enterprises. Continue Reading
By- Arielle Waldman, News Writer
-
News
17 Jul 2023
Microsoft still investigating stolen MSA key from email attacks
While Microsoft provided additional attack details and techniques used by Storm-0558, it remains unclear how the Microsoft account signing key was acquired. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Jul 2023
Microsoft: Government agencies breached in email attacks
While Microsoft mitigated the attacks and found no evidence of further access beyond the email accounts, the Outlook breaches raised questions for the software giant. Continue Reading
By- Arielle Waldman, News Writer
-
News
12 Jul 2023
Russia-based actor exploited unpatched Office zero day
Microsoft investigated an ongoing phishing campaign that leverages Word documents to deliver malicious attachments to targeted organizations in the U.S. and Europe. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
11 Jul 2023
Risk & Repeat: How bad is Clop's MoveIt Transfer campaign?
Clop's data theft and extortion campaign against MoveIt Transfer customers marks some of the most high-profile threat activity this year, but its success level remains unclear. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
10 Jul 2023
TPG Capital acquires Forcepoint's government unit for $2.45B
Forcepoint's Global Governments and Critical Infrastructure unit will operate independently under TPG, while the commercial business will remain at Francisco Partners. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
10 Jul 2023
Wi-Fi AP placement best practices and security policies
From a security standpoint, Wi-Fi network designers should consider the physical and logical placement of APs, as well as management, segmentation and rogue devices. Continue Reading
By -
Definition
07 Jul 2023
bridge
A bridge is a class of network device designed to connect networks at OSI Level 2, which is the data link layer of a local area network. Continue Reading
By- Tom Nolle, Andover Intel
-
Definition
07 Jul 2023
network intrusion protection system (NIPS)
A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. Continue Reading
By -
News
05 Jul 2023
June saw flurry of ransomware attacks on education sector
As the school year culminated, ransomware attacks surged across K-12 schools and universities, causing class disruptions and putting sensitive data at risk. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
05 Jul 2023
3 ways to troubleshoot using Wireshark and tcpdump
Protocol analyzer tools, such as Wireshark and tcpdump, can help network administrators identify protocols in the network, analyze network performance and discover network devices. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
News
28 Jun 2023
DDoS attacks surging behind new techniques, geopolitical goals
A rise in massive DDoS attacks, some of which target the application layer and cause significant disruptions, might require new defense strategies from cybersecurity vendors. Continue Reading
By- Arielle Waldman, News Writer
-
News
27 Jun 2023
Censys finds hundreds of exposed devices in federal orgs
Censys found exposed instances of Progress Software's MoveIt Transfer and Barracuda Networks' Email Security Gateway appliances during its analysis of FCEB agency networks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
21 Jun 2023
Critical VMware Aria Operations bug under active exploitation
Reports of exploitation for a critical command injection flaw in VMware Aria Operations for Networks came roughly a week after a researcher published a proof-of-concept for it. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
21 Jun 2023
Nessus
Nessus is a platform developed by Tenable that scans for security vulnerabilities in devices, applications, operating systems, cloud services and other network resources. Continue Reading
By -
News
21 Jun 2023
May ransomware activity rises behind 8base, LockBit gangs
LockBit was the most active group last month, but NCC Group researchers were surprised by 8base, which started listing victims from attacks that occurred beginning in April 2022. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
20 Jun 2023
Risk & Repeat: More victims emerge from MoveIt Transfer flaw
CISA last week said several federal agencies suffered data breaches resulting from a MoveIt Transfer zero-day vulnerability, though it's unclear what type of data was stolen. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
19 Jun 2023
Microsoft: DDoS attacks caused M365, Azure disruptions
Microsoft confirmed widespread service disruptions earlier this month were caused by layer 7 DDoS attacks by a threat group it identified as Storm-1359. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
15 Jun 2023
Risk & Repeat: Mandiant sheds light on Barracuda ESG attacks
Barracuda Networks attempted to fix the critical ESG zero-day vulnerability, but a Chinese nation-state threat actor was able to maintain access on compromised devices. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
15 Jun 2023
Chinese nation-state actor behind Barracuda ESG attacks
Mandiant said the zero-day attacks on Barracuda Email Security Gateway appliances were part of a 'wide-ranging campaign in support of the People's Republic of China.' Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
14 Jun 2023
Cisco releases new security offerings at Cisco Live 2023
At Cisco Live 2023, Cisco emphasized its plans to emphasize security, rolling out a host of new initiatives from secure access to AI-aided security to cloud-native app security. Continue Reading
By- Melinda Marks, Practice Director
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
13 Jun 2023
Fortinet warns critical VPN vulnerability 'may' be under attack
Fortinet said the heap buffer overflow flaw might have been exploited already and warned that Chinese nation-state threat group Volt Typhoon would likely attack the vulnerability. Continue Reading
By- Arielle Waldman, News Writer
-
News
08 Jun 2023
Barracuda: Replace vulnerable ESG devices 'immediately'
Customers with email security gateway appliances affected by a recent zero-day flaw, CVE-2023-2868, are being urged to replace devices, even if the hardware has been patched. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
07 Jun 2023
6 blockchain use cases for cybersecurity
Is blockchain secure by design, or should blockchains be designed for security? Learn more through these six security and privacy use cases for blockchain. Continue Reading
By- Jessica Groopman, Kaleido Insights
-
News
06 Jun 2023
Ransomware takes down multiple municipalities in May
City and local governments experienced severe disruptions to public services due to ransomware attacks in May, particularly from the Royal ransomware group. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
05 Jun 2023
security analytics
Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring. Continue Reading
-
News
01 Jun 2023
Zyxel vulnerability under 'widespread exploitation'
Researchers warn that threat actors are widely exploiting an unauthenticated command injection vulnerability to target multiple Zyxel network devices. Continue Reading
By- Alexis Zacharakos, Student Co-op
-
Definition
01 Jun 2023
NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers. Continue Reading
-
News
01 Jun 2023
Mitiga warns free Google Drive license lacks logging visibility
The ability to view logs is critical for enterprises to detect and attribute malicious activity. Mitiga said the Google Drive issue allows data exfiltration without a trace. Continue Reading
By- Arielle Waldman, News Writer
-
News
31 May 2023
Barracuda zero-day bug exploited months prior to discovery
Barracuda said a zero-day flaw used to target its email security gateway appliance customers is a remote command injection vulnerability exploited since at least October 2022. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
31 May 2023
Many Gigabyte PC models affected by major supply chain issue
Eclypsium researchers say the insecure implementation of PC hardware manufacturer Gigabyte's App Center could potentially result in supply chain attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
31 May 2023
An overview of 802.1X authentication methods and EAP
Enterprises use 802.1X authentication to manage their wireless LANs, and that process relies on the Extensible Authentication Protocol and its various types. Continue Reading
By- Jennifer English, Executive Editor
- Lisa Phifer, Core Competence
-
News
25 May 2023
Chinese hackers targeting U.S. critical infrastructure
Microsoft uncovered a Chinese nation-state threat group that is compromising Fortinet FortiGuard devices to gain access to critical infrastructure entities in the U.S. and Guam. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 May 2023
Updated 'StopRansomware Guide' warns of shifting tactics
CISA's updates to the 'StopRansomware Guide' address shifts in the threat landscape as more threat actors skip the encryption step and focus on data theft and extortion. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 May 2023
Barracuda discloses zero-day flaw affecting ESG appliances
Barracuda Networks said threat actors exploited the zero-day to gain 'unauthorized access to a subset of email gateway appliances,' though it did not say how many. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
23 May 2023
Threat actors leverage kernel drivers in new attacks
Fortinet detailed a campaign using a malicious driver in attacks against organizations in the Middle East, and Trend Micro detailed a driver-based attack by BlackCat ransomware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 May 2023
Iowa hospital discloses breach following Royal ransomware leak
Clarke County Hospital revealed that it took network services offline after an attack in April, but did not address the reported data leak by the Royal ransomware gang. Continue Reading
By- Arielle Waldman, News Writer
-
News
18 May 2023
Gentex confirms data breach by Dunghill ransomware actors
The Dunghill ransomware gang last month claimed responsibility for an attack against Gentex Corporation, which confirmed this week that it suffered a breach several months ago. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
18 May 2023
4 key unified communications security threats to watch for
Keeping your unified communications system safe requires tools that are specifically geared to voice and video apps. Learn how to take a multilayered approach to UC security. Continue Reading
By- Kevin Tolly, The Tolly Group
-
News
16 May 2023
Chinese APT exploits TP-Link router firmware via implant
Check Point Software Technologies said the malicious implant, which it attributed to Chinese APT "Camaro Dragon," was firmware agnostic and could be used against other vendors. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 May 2023
Coalition: Employee actions are driving cyber insurance claims
After analyzing cyber insurance claims data, Coalition determined that phishing escalated in 2022, ransomware dropped and timely patching remained a consistent problem. Continue Reading
By- Arielle Waldman, News Writer