Network Security

Gone are the days when a protected OS kept the bad guys out. Hardening authentication, the help desk, and log files in place is now needed to beat the bad guys.

By Susan Bradley

22 Nov 20237 mins

PhishingWindows SecurityNetwork Security

9 in 10 organizations have embraced zero-trust security globally

By John P. Mello Jr.

22 Nov 20234 mins

Zero TrustNetwork Security

AT&T’s mysterious MSSP spinoff could have upsides for its security consulting business

By Jon Gold

21 Nov 20233 mins

Managed Service ProvidersNetwork Security

Articles

New research reveals most-attacked, most-vulnerable assets

While medical devices are the most susceptible to unpatched CVEs, operational technology assets are the most attacked.

By Michael Hill

05 Sep 2023 4 mins

Critical InfrastructureNetwork SecurityVulnerabilities

Recently patched Juniper firewall flaws allow remote code execution

Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found.

By Lucian Constantin

29 Aug 2023 6 mins

Remote Access SecurityNetwork SecurityVulnerabilities

Proxyjacking campaign LABRAT targets vulnerable GitLab deployments

Sophisticated attack employs stealthy and evasive techniques and tools to make defense and detection more challenging.

By Lucian Constantin

17 Aug 2023 5 mins

HackingGitLabNetwork Security

Check Point beefs up SASE offering with $490M Perimeter 81 acquisition

Check Point Software will integrate Perimater 81's zero trust network access and rapid deployment technology into its existing Infinity product architecture.

By Jon Gold

10 Aug 2023 3 mins

Zero TrustMergers and AcquisitionsNetwork Security

IBM launches open-source detection and response framework for MFT attacks

The goal is to help defenders more quickly detect attacks enabled by managed file transfer application vulnerabilities and provide an incident response playbook.

By Lucian Constantin

09 Aug 2023 5 mins

CyberattacksNetwork SecurityVulnerabilities

Attackers use Cloudflare Tunnel to proxy into victim networks

Exploiting Cloudflare Tunnel requires little skill and potentially could compromise and entire network.

By Lucian Constantin

08 Aug 2023 6 mins

CyberattacksCloud SecurityNetwork Security

Kubernetes clusters under attack in hundreds of organizations

Malware and backdoors used in attacks affecting some Fortune 500 companies.

By Michael Hill

08 Aug 2023 5 mins

Cloud SecurityNetwork SecurityOpen Source

Vectra AI unveils XDR platform with real-time attack signal intelligence

XDR platform uses native and third-party attack signals across hybrid cloud domains including AWS, Microsoft Azure, and Google Cloud as well as networks and endpoints.

By Michael Hill

08 Aug 2023 4 mins

Threat and Vulnerability ManagementCloud SecurityNetwork Security

Beware of overly permissive Azure AD cross-tenant synchronization policies

A new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft application across tenants.

By Lucian Constantin

02 Aug 2023 6 mins

Active DirectoryAzure FunctionsCloud Security

Cisco adds new ransomware recovery capabilities to XDR solution

Features reduce the time between the beginnings of a ransomware outbreak and capturing a snapshot of business-critical information to enhance business continuity.

By Michael Hill

01 Aug 2023 3 mins

RansomwareThreat and Vulnerability ManagementNetwork Security

New vulnerabilities mean it's time to review server BMC interfaces

Two recently discovered vulnerabilities in widely used baseboard management controllers could give remote and local threat actors full control over servers.

By Lucian Constantin

28 Jul 2023 6 mins

Network SecurityVulnerabilities