Network Security
Network Security | News, how-tos, features, reviews, and videos
Microsoft reports jump in business email compromise activity
Thirty-five million business email compromise (BEC) attempts were detected in the last year, according to the latest Microsoft Cyber Signals report.
Critical remote code execution flaws patched in Cisco small business switches
Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available.
Aviatrix is transforming cloud network security with distributed firewalling
The new distributed cloud firewall offering distributes both inspection and policy enforcement into the original path of application traffic, eliminating the need to redirect traffic to centralized firewalls.
Researchers show ways to abuse Microsoft Teams accounts for lateral movement
Attackers have several ways to enable lateral movement within a network via a compromised Teams account.
New security tool lets you bypass SSL inspection errors
With Dope Security’s new SSL error resolution feature, admins can now bypass SSL inspection for applications without manual overload.
Israeli threat group uses fake company acquisitions in CEO fraud schemes
The group targets multinational firms using email display name spoofing and multiple fake personas.
Microsoft fixes bypass for critical Outlook zero-click flaw patch
Microsoft rates the new Outlook vulnerability as medium severity, but Akamai researchers say it should be higher.
7 VPN alternatives for securing remote network access
Virtual private networks have shortcomings when it comes to protecting remote network connections. These technologies can replace or supplement it.
Review your on-prem ADCS infrastructure before attackers do it for you
Attacks through Active Directory Certificate Services are fairly easy for bad actors to perform but basic vigilance and built-in Windows protections can help mitigate the risk of a breach.
Attacks increasingly use malicious HTML email attachments
New research shows that up to a half of all HTML email attachments are malicious, and not just because of a few massive campaigns.
oneM2M IoT security specifications granted ITU approval
The oneM2M specifications enable secure IoT data exchange and information interoperability across different vertical sectors, service providers, and use cases.
Abnormal Security expands threat protection to Slack, Teams and Zoom
The new tools include message security, account takeover protection, and security posture management for cloud communication applications to protect against multi-channel threats.
Thousands of misconfigured container and artifact registries expose sensitive credentials
Shadow IT or careless configuration of container and artifact registries could give attackers access to sensitive data and inject malicious code.
Cisco patches high and critical flaws across several products
Left unmitigated, the vulnerabilities could lead to unauthorized remote access, denial of service attacks, or privilege escalation.
Russian cyber spy group APT28 backdoors Cisco routers via SNMP
The spy agency has been exploiting an old vulnerability that allows bad actors to gain access through simple network management protocol credentials.
New Qbot campaign delivers malware by hijacking business emails
The new Qbot email campaign uses a combination of PDF and WSF to install the malware and steal the victim’s banking credentials.
video