Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

Answer 13 May 2025
How can an enterprise mobile VPN fit into a mobility plan?

Organizations that need to secure mobile users and provide remote access to corporate resources should consider an on-premises or cloud-hosted mobile VPN. Continue Reading
By
- Brien Posey
- Robert Sheldon
Opinion 07 May 2025
Key network security takeaways from RSAC 2025

Themes on display at the conference reflected the cybersecurity industry's effort to streamline security operations, while adapting to emerging technologies and threats. Continue Reading
By
- John Grady, Principal Analyst

Tip 19 Aug 2022
How does SD-access work?

SD-access is a combination of two elements: SDN and the access edge. The result is a network with a centralized management system and improved security policies. Continue Reading
By
- John Burke, Nemertes Research
News 18 Aug 2022
Russian cyber attacks on Ukraine driven by government groups

Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies. Continue Reading
By
- Shaun Nichols
News 16 Aug 2022
Mailchimp suffers second breach in 4 months

While the source of the breach has not been confirmed, an attacker got into Mailchimp and gained access to the customer account of cloud hosting provider DigitalOcean. Continue Reading
By
- Arielle Waldman, News Writer
News 16 Aug 2022
For cyber insurance, some technology leads to higher premiums

Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Aug 2022
Rapid7: Cisco ASA and ASDM flaws went unpatched for months

While several of the vulnerabilities were reported to Cisco in February, they remained unpatched until Thursday when Rapid7's Jake Baines discussed the flaws at Black Hat USA 2022. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Aug 2022
Cisco hacked by access broker with Lapsus$ ties

No Cisco employee or customer personal information was stolen in the hack, though some data did make it onto the dark web. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 11 Aug 2022
SentinelOne discusses the rise of data-wiping malware

During a Black Hat 2022 session, researchers showed how expectations of cyber war may differ from the reality. Continue Reading
By
- Arielle Waldman, News Writer
Feature 11 Aug 2022
What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
News 10 Aug 2022
Industroyer2: How Ukraine avoided another blackout attack

A Black Hat 2022 session explained how the latest attack on Ukraine's energy grid was thwarted this spring, thanks to quick responses and timely sharing of threat data. Continue Reading
By
- Rob Wright, Senior News Director
Tip 08 Aug 2022
10 top open source security testing tools

From Kali Linux to Mimikatz to Metasploit, learn about 10 open source penetration testing tools organizations can use to determine how secure their network is. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 01 Aug 2022
Top 10 UEBA enterprise use cases

The top user and entity behavior analytics use cases fall in cybersecurity, network and data center operations, management and business operations. Check out the risks. Continue Reading
By
- John Burke, Nemertes Research
Tip 29 Jul 2022
SSH key management best practices and implementation tips

SSH connects key systems and the people and processes necessary to keep them functioning. Learn how to use SSH key management best practices to protect your systems and network. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Tip 27 Jul 2022
SSH2 vs. SSH1 and why SSH versions still matter

The Secure Shell protocol, SSH, was redesigned and released as SSH2 in 2006. While SSH1 lingers for legacy uses, find out how the protocols differ and why it's important. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
- Mike Chapple, University of Notre Dame
News 21 Jul 2022
NCC Group observes a drop in ransomware attacks -- for now

Changes in top ransomware-as-a-service groups like LockBit 2.0 and Conti accounted for the decline in activity, though NCC Group anticipates attacks will ramp back up. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 Jul 2022
3 steps for getting started with security service edge

Before getting started with security service edge (SSE), formulate a migration strategy. Check out these three expert tips for tackling SSE with maximum efficiency and ease. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Tutorial 11 Jul 2022
How to use SSH tunnels to cross network boundaries

The Secure Shell protocol authenticates and encrypts network connections. Find out how it's used to build tunnels while crossing private networks and even firewalls. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 06 Jul 2022
5G networks vulnerable to adversarial ML attacks

A team of academic researchers introduced an attack technique that could disrupt 5G networks, requiring new ways to protect against adversarial machine learning attacks. Continue Reading
By
- Shaun Nichols
News 06 Jul 2022
HackerOne incident raises concerns for insider threats

While the threat actor's motivation appears to be financial, it shows just how damaging an insider threat could be for vulnerability disclosure and bug bounty systems. Continue Reading
By
- Arielle Waldman, News Writer
Feature 29 Jun 2022
A guide to MSP patch management best practices

As software patch management challenges mount, industry experts offer advice to MSPs on prioritizing system risk levels, selecting proper tools and testing patches internally. Continue Reading
By
- Esther Shein
Definition 28 Jun 2022
hardware security

Hardware security is vulnerability protection that comes in the form of a physical device rather than software that's installed on the hardware of a computer system. Continue Reading
By
- Kinza Yasar, Technical Writer
Feature 27 Jun 2022
How to determine out-of-scope bug bounty assets

What happens when a security researcher discovers a bug in an out-of-scope asset? Learn how to handle bug bounty scope in this excerpt from 'Corporate Cybersecurity.' Continue Reading
By
- Kyle Johnson, Technology Editor
- Wiley Publishing
Feature 27 Jun 2022
An enterprise bug bounty program vs. VDP: Which is better?

Creating a bug bounty or vulnerability disclosure program? Learn which option might prove more useful, and get tips on getting a program off the ground. Continue Reading
By
- Kyle Johnson, Technology Editor
Tutorial 23 Jun 2022
Use ssh-keygen to create SSH key pairs and more

Learn how to use ssh-keygen to create new key pairs, copy host keys, use a single login key pair for multiple hosts, retrieve key fingerprints and more in this tutorial. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 23 Jun 2022
Access management issues may create security holes

Employees who aren't credentialed to access corporate systems to do their jobs find ways around the red tape that could lead to security breaches. Continue Reading
By
- Shaun Nichols
News 22 Jun 2022
Ongoing PowerShell security threats prompt a call to action

Although PowerShell poses an ongoing risk to enterprise security as a post-exploitation tool, authorities strongly advise against disabling it completely. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 22 Jun 2022
What's driving converged endpoint management and security?

Security and IT teams face challenges in managing and securing a growing number of endpoints, which is driving organizations to look for converged capabilities, according to ESG. Continue Reading
By
- Mark Bowker, Senior Analyst
News 20 Jun 2022
Paige Thompson found guilty in 2019 Capital One data breach

The former Amazon engineer who hacked AWS and gained access to sensitive data belonging to Capital One customers has been convicted. Continue Reading
By
- Arielle Waldman, News Writer
Tip 15 Jun 2022
How to evaluate security service edge products

As organizations become more cloud-centric and adapt to remote work, a new technique known as security service edge is gaining traction. Continue Reading
By
- Ed Moyle, SecurityCurve
News 13 Jun 2022
Skyhigh Security CEO, VP talk life after McAfee

Gee Rittenhouse discusses the process of building Skyhigh Security, a new company created by Symphony Technology Group as a rebirth of McAfee's enterprise cloud security portfolio. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 10 Jun 2022
3 types of PKI certificates and their use cases

Public key infrastructure helps authenticate senders via cryptography and digital certificates. Learn about three types of PKI certificates and their use cases. Continue Reading
By
- Isabella Harford, TechTarget
News 09 Jun 2022
Mandiant: Cyberextortion schemes increasing pressure to pay

At RSA Conference 2022, Mandiant executives discussed how attackers are pulling out all the stops to pressure victims to pay, from DDoS attacks to harassing victims' customers. Continue Reading
By
- Arielle Waldman, News Writer
Feature 07 Jun 2022
Using SSH tunneling for good and evil

Secure Shell tunneling takes the secure application protocol to the next level for bypassing firewalls and creating secure connections everywhere. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 07 Jun 2022
Microsoft details zero-trust transition, challenges

Over the past three years, Microsoft has moved to a zero-trust framework. Security engineers outlined the transition and its challenges during a session at RSA Conference 2022. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Jun 2022
Cybereason: Paying ransoms leads to more ransomware attacks

Cybereason found that the majority of organizations that pay threat actors to decrypt data are attacked again -- usually within a month and at the hands of the same attackers. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Jun 2022
Major DDoS attacks increasing after invasion of Ukraine

DDoS attacks are a growing threat to both government and commercial entities across the globe, as Russia's invasion of Ukraine has increased the rate of attacks in 2022. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Tip 01 Jun 2022
How zero trust unifies network virtualization

The combination of zero trust and network virtualization creates opportunities to strengthen security policies, increase cross-domain collaboration and improve overall visibility. Continue Reading
By
- John Burke, Nemertes Research
Feature 01 Jun 2022
Implementing wireless security in the enterprise

Learn how to properly secure your enterprise wireless network while considering UX, zero trust and commonly overlooked architectural mistakes. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 01 Jun 2022
How to design architecture for enterprise wireless security

Learn about a five-phase design methodology that will help your company plan for and create an enterprise wireless security architecture. Continue Reading
By
- Kyle Johnson, Technology Editor
- Wiley Publishing
News 25 May 2022
Verizon DBIR: Stolen credentials led to nearly 50% of attacks

The Verizon 2022 Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations. Continue Reading
By
- Arielle Waldman, News Writer
News 24 May 2022
Verizon DBIR: Ransomware dominated threat landscape in 2021

Though ransomware became an increasingly large threat to enterprises last year, Verizon's Data Breach Investigations Report found the model may not be as profitable as expected. Continue Reading
By
- Arielle Waldman, News Writer
News 18 May 2022
CISA calls out security misconfigurations, common mistakes

Poor security practices and misconfigured controls are allowing threat actors to compromise enterprise networks. Continue Reading
By
- Arielle Waldman, News Writer
Definition 17 May 2022
man in the browser (MitB)

Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 16 May 2022
Critical bug in Zyxel firewalls, VPNs exploited in the wild

Initially discovered by Rapid7, the vulnerability poses a critical risk to enterprise networks and could allow attackers to gain remote access to Zyxel security products. Continue Reading
By
- Arielle Waldman, News Writer
Definition 16 May 2022
SWIFT FIN message

SWIFT FIN is a message type (MT) that transmits financial information from one financial institution to another. Continue Reading
By
- Robert Sheldon
Answer 12 May 2022
Zero trust vs. zero-knowledge proof: What's the difference?

Zero-knowledge proofs can help companies implement a zero-trust framework. Learn about the two concepts and how they come together to better secure networks. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 11 May 2022
Critical F5 vulnerability under exploitation in the wild

A remote code vulnerability in F5 BIG-IP network appliances is now being scanned for by threat actors, and some experts have observed exploitation in the wild. Continue Reading
By
- Shaun Nichols
News 11 May 2022
US, allies warn of nation-state attacks against MSPs

The joint advisory did not name any specific nation-states, though co-sponsor agencies expect threat actors to 'step up their targeting' of managed service providers (MSPs). Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 May 2022
US, EU attribute Viasat hack to Russia

The U.S. and U.K. governments, along with the EU, confirmed the suspicions around the attack that disrupted satellite services for customers in Ukraine as Russia invaded the country. Continue Reading
By
- Arielle Waldman, News Writer
Definition 04 May 2022
SYN flood attack

A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. Continue Reading
By
- Ben Lutkevich, Site Editor
News 03 May 2022
Trend Micro discovers AvosLocker can disable antivirus software

AvosLocker operators are using legitimate tools and previously disclosed vulnerabilities to disable antivirus software and evade detection on infected machines. Continue Reading
By
- Arielle Waldman, News Writer
News 03 May 2022
RCE vulnerabilities found in Avaya, Aruba network switches

Armis told SearchSecurity that depending on device model, it was 'not too hard to develop an exploit' for the Avaya and Aruba flaws, heightening concern for administrators. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 May 2022
Cyberespionage group exploiting network and IoT blind spots

Researchers with Mandiant have uncovered a new espionage-focused hacking operation that takes advantage of IoT and networking gear that security tools don't cover. Continue Reading
By
- Shaun Nichols
Definition 28 Apr 2022
Sender Policy Framework (SPF)

Sender Policy Framework (SPF) is a protocol designed to restrict who can use an organization's domain as the source of an email message. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 27 Apr 2022
REvil ransomware attacks resume, but operators are unknown

The notorious REvil ransomware gang appears to be up and running once more, as new attacks and malware samples have been observed, but it's unclear who is behind the operation. Continue Reading
By
- Shaun Nichols
News 26 Apr 2022
Cisco Talos observes 'novel increase' in APT activity in Q1

The security vendor uncovered new trends during Q1, including increased APT attacks, 'democratized' ransomware threats and significant exploitation of Log4j bugs. Continue Reading
By
- Arielle Waldman, News Writer
Answer 25 Apr 2022
What are the benefits and challenges of microsegmentation?

Administrators are assessing microsegmentation to beef up access control and security. But deploying microsegmentation can be complex. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 25 Apr 2022
LemonDuck botnet evades detection in cryptomining attacks

While the botnet is not new, it appears operators are honing their skills and evading Alibaba Cloud's monitoring service to take advantage of rising cryptocurrency prices. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Apr 2022
Cryptocurrency theft leaves Beanstalk Farms' future in doubt

Beanstalk Farms' founders confirmed they found many aspects of activity during the attack 'strange' but saw no reason for concern. Now, the company's future is uncertain. Continue Reading
By
- Arielle Waldman, News Writer
Answer 21 Apr 2022
Comparing network segmentation vs. microsegmentation

Network segmentation and microsegmentation both control access but vary in how they do it, as well as how granular their approach is. Learn the differences here. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 20 Apr 2022
U.S. warns of 'increased' threats from Russian hacking groups

The U.S. government and its Five Eyes intelligence partners issued a joint advisory warning of the dangers posed by both state-sponsored hackers and cybercriminal crews in Russia. Continue Reading
By
- Shaun Nichols
News 20 Apr 2022
Kaspersky releases decryptor for Yanluowang ransomware

Kaspersky is offering users and admins a tool to decrypt data that had been locked away by the emerging Yanluowang ransomware gang, which was first revealed in December. Continue Reading
By
- Shaun Nichols
News 18 Apr 2022
Pegasus spyware discovered on U.K. government networks

Citizen Lab confirmed it spotted the notorious spyware running on systems within the U.K. prime minister's office, and it believes the United Arab Emirates is to blame. Continue Reading
By
- Shaun Nichols
News 18 Apr 2022
Attack on Beanstalk Farms results in $182M loss

High payouts and security weaknesses make cryptocurrency a growing target, which was highlighted even further in the latest attack involving virtual currency and a DeFi platform. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Apr 2022
Critical Windows RPC vulnerability raises alarm

Security experts warn that a newly disclosed vulnerability in a critical Windows networking component is opening the door for remote takeover attacks. Continue Reading
By
- Shaun Nichols
News 14 Apr 2022
US government, security vendors warn of new ICS malware

As attacks on critical infrastructure increase, experts warn that threat actors have developed new malware designed to take control of ICS and SCADA systems in the energy sector. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Apr 2022
Microsoft dismantles ZLoader botnet

Microsoft and ESET security teams explained how they were able to identify and dismantle the command and control infrastructure of the notorious ZLoader malware network. Continue Reading
By
- Shaun Nichols
News 13 Apr 2022
Sophos: LockBit affiliates hacked regional government agency

Sophos said attackers spent at least five months inside an unnamed regional government agency's network, remotely Googling for hacking tools before deploying LockBit ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 12 Apr 2022
Ukraine energy grid hit by Russian Industroyer2 malware

The 2016 malware known as 'Industroyer' has resurfaced in a new series of targeted attacks against industrial controller hardware at a Ukraine power company. Continue Reading
By
- Shaun Nichols
News 12 Apr 2022
Synopsys: Enterprises struggling with open source software

To curb open source risk, Synopsys advises enterprises to keep a comprehensive inventory of all software within its environment and to understand that securing open source requires strong management. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Apr 2022
Law enforcement takedowns continue with RaidForums seizure

The hacker forum, which used to sell and purchase sensitive information including login credentials, has been dismantled, and its alleged founder was arrested and indicted. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Apr 2022
Fortinet, Cato Networks add security for distributed SD-WANs

Fortinet updated FortiOS with an inline sandbox and a cloud access security broker. Cato has added new network access controls to its SASE service. Continue Reading
By
- Madelaine Millar, TechTarget
News 07 Apr 2022
How the FBI took down the Cyclops Blink botnet

The FBI's operation copied and removed Cyclops Blink's malware from victims' systems that were used as command and control devices, severing Sandworm's control of the botnet. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 07 Apr 2022
Open System Authentication (OSA)

Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Continue Reading
By
- Paul Kirvan
News 06 Apr 2022
US sanctions Garantex for laundering over $100M

The latest action follows a string of sanctions imposed during the past year against cryptocurrency exchanges operating out of Russia. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Apr 2022
Conti ransomware leaks show a low-tech but effective model

The Conti ransomware gang runs largely on elbow grease, according to Akamai security researchers who analyzed the group's training materials and operating policies. Continue Reading
By
- Shaun Nichols
Definition 06 Apr 2022
AAA server (authentication, authorization and accounting)

An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization and accounting (AAA) services. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 04 Apr 2022
Luhn algorithm (modulus 10)

The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Tip 01 Apr 2022
The pros and cons of Netskope SASE

Netskope is undoubtedly a leader in the CASB market, but its limited security capabilities and lack of SD-WAN make Netskope an incomplete SASE offering. Continue Reading
By
- Steve Garson, SD-WAN Experts
News 31 Mar 2022
New 'AcidRain' malware may be connected to Viasat attack

SentinelOne did not directly attribute the malware to the Viasat attack. That said, researchers argued the "AcidRain" malware's functionality matches open source intelligence. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Mar 2022
Viasat confirms cyber attack on Ukraine customers

The U.S.-based satellite internet provider said a 'multifaceted and deliberate cyber attack' struck Viasat's KA-SAT network on the first day of Russia's invasion of Ukraine. Continue Reading
By
- Arielle Waldman, News Writer
Tip 29 Mar 2022
How to put cybersecurity sustainability into practice

Cybersecurity sustainability practices involve mitigating cyber-risk without burning out people -- or burning through resources. Explore what that looks like on the ground. Continue Reading
By
- Diana Kelley, SecurityCurve
- Deepayan Chanda, Cubic Consulting
News 25 Mar 2022
US indicts Russian nationals for critical infrastructure attacks

One defendant is accused of deploying the infamous Trisis or Triton malware against energy-sector companies, including a petrochemical plant in Saudi Arabia in a 2017 attack. Continue Reading
By
- Arielle Waldman, News Writer
Feature 24 Mar 2022
SecOps and cybersecurity basics for NetOps teams

To bridge the gap between NetOps and SecOps teams, network pros should know security fundamentals, including different types of attackers, attacks and available security services. Continue Reading
By
- Michaela Goss, Senior Site Editor
News 22 Mar 2022
F-Secure splits in two as WithSecure launches

The Finnish security vendor's enterprise business sets off on its own as a new brand called WithSecure, while F-Secure will continue to operate the consumer side of the business. Continue Reading
By
- Shaun Nichols
News 22 Mar 2022
STG launches Skyhigh Security from McAfee cloud assets

The new company combines the McAfee Enterprise Security Service Edge portfolio with a name reminiscent of a previous McAfee acquisition: Skyhigh Networks. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Mar 2022
Sandworm APT ramps up Cyclops Blink botnet with Asus routers

Trend Micro discovered that the Cyclops Blink botnet, which had originally targeted WatchGuard devices, is now spreading to Asus and 'at least one other vendor.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Mar 2022
LokiLocker ransomware crew bursts onto the scene

The mysterious LokiLocker ransomware group caught the attention of BlackBerry researchers, who say the outfit could become the next cybercrime group to menace enterprises. Continue Reading
By
- Shaun Nichols
Tip 16 Mar 2022
3 benefits of sustainable cybersecurity in the enterprise

Sustainable cybersecurity means taking the long view on cyber-risk mitigation. Explore the technical, financial, societal and reputational wins it can net for the enterprise. Continue Reading
By
- Diana Kelley, SecurityCurve
- Deepayan Chanda, Cubic Consulting
Tip 15 Mar 2022
How to secure NetOps initiatives using Agile methodology

As more NetOps teams implement Agile methods, network and security testing must be part of a holistic approach that involves developers, networking and security teams working together. Continue Reading
By
- John Cavanaugh, BlueAlly
Definition 11 Mar 2022
screened subnet

A screened subnet, or triple-homed firewall, refers to a network architecture where a single firewall is used with three network interfaces. Continue Reading
By
- Rahul Awati
News 10 Mar 2022
Log4Shell vulnerability continues to menace developers

Months after it was first disclosed, the Log4j RCE vulnerability remains widespread on code-sharing sites and open source repositories, according to security researchers. Continue Reading
By
- Shaun Nichols
Answer 10 Mar 2022
Use microsegmentation to mitigate lateral attacks

Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 09 Mar 2022
Researchers disclose new Spectre V2 vulnerabilities

The Spectre class of data disclosure vulnerabilities is once again at the security forefront after researchers discovered a new variant of the side-channel attack. Continue Reading
By
- Shaun Nichols
News 08 Mar 2022
Researchers uncover vulnerabilities in APC Smart-UPS devices

Researchers with Armis found a trio of vulnerabilities in uninterruptible power supply (UPS) devices from APC that could be remotely exploited by threat actors. Continue Reading
By
- Shaun Nichols
News 01 Mar 2022
Nvidia confirms breach, proprietary data leaked online

Nvidia has confirmed some of the claims from a little-known ransomware gang that allegedly broke into the network of the GPU giant and stole corporate data. Continue Reading
By
- Shaun Nichols
News 25 Feb 2022
Arista embeds security software in campus switches

Arista Networks will embed network detection and response software in campus switches to provide AI-driven threat detection across the network. Continue Reading
By
- Madelaine Millar, TechTarget
News 25 Feb 2022
Researchers find access brokers focused on US targets

Security vendors studied 'access broker' advertisements on the dark web, which provide ransomware groups with the network and system access required for data thefts. Continue Reading
By
- Shaun Nichols
Tip 25 Feb 2022
A review of Zscaler SASE architecture

Zscaler has a strong cloud-native architecture for secure internet access. But it doesn't deliver SD-WAN or converge internet access and WAN security, leaving it with only part of a SASE platform. Continue Reading
By
- Steve Garson, SD-WAN Experts
Tip 23 Feb 2022
How to use PKI to secure remote network access

Public key infrastructure is a more secure option than password-based or multifactor authentication. Learn how those benefits can extend to remote employees and access. Continue Reading
By
- Michael Cobb
News 23 Feb 2022
IBM: REvil dominated ransomware activity in 2021

IBM X-Force's Threat Intelligence Index report also found a 'triple extortion' ransomware tactic in 2021, where threat actors use DDoS attacks to put extra pressure on victims. Continue Reading
By
- Alexander Culafi, Senior News Writer