featureBatten down the hatches: it’s time to harden every facet of your Windows network Gone are the days when a protected OS kept the bad guys out. Hardening authentication, the help desk, and log files in place is now needed to beat the bad guys.By Susan Bradley22 Nov 20237 minsPhishingWindows SecurityNetwork Security news 9 in 10 organizations have embraced zero-trust security globallyBy John Mello Jr.22 Nov 20234 minsZero TrustNetwork Securitynews analysis AT&T’s mysterious MSSP spinoff could have upsides for its security consulting businessBy Jon Gold21 Nov 20233 minsManaged Service ProvidersNetwork Security opinionDeception technology use to grow in 2024 and proliferate in 2025By Jon Oltsik 13 Nov 20236 minsThreat and Vulnerability ManagementNetwork Security news analysisCisco patches serious flaws in Firepower and Identity Services EngineBy Lucian Constantin 06 Nov 20234 minsNetwork SecurityVulnerabilities news analysisHelloKitty ransomware deployed via critical Apache ActiveMQ flawBy Lucian Constantin 02 Nov 20234 minsRansomwareMalwareNetwork Security newsMicrosoft pledges cybersecurity overhaul to protect products and servicesBy Michael Hill 02 Nov 20239 minsInternet SecurityApplication SecurityNetwork Security featureWhat is phishing? Examples, types, and techniquesBy Josh Fruhlinger 02 Nov 202310 minsPhishingSocial EngineeringNetwork Security newsThird Wave Innovations rolls security into all-in-one NOC offeringBy Jon Gold 31 Oct 20233 minsThreat and Vulnerability ManagementNetwork Security ArticlesnewsNew research reveals most-attacked, most-vulnerable assetsWhile medical devices are the most susceptible to unpatched CVEs, operational technology assets are the most attacked.By Michael Hill 05 Sep 2023 4 minsCritical InfrastructureNetwork SecurityVulnerabilitiesnewsUK National Grid plans to use honeypots to lure attackers, improve defencesThe critical infrastructure provider is looking for a security expert to help it set honeypots and plant false documents that appear valuable to attackers.By Michael Hill 31 Aug 2023 3 minsCritical InfrastructureNetwork Securitynews analysisRecently patched Juniper firewall flaws allow remote code executionResearchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found. By Lucian Constantin 29 Aug 2023 6 minsRemote Access SecurityNetwork SecurityVulnerabilitiesnewsProxyjacking campaign LABRAT targets vulnerable GitLab deploymentsSophisticated attack employs stealthy and evasive techniques and tools to make defense and detection more challenging.By Lucian Constantin 17 Aug 2023 5 minsHackingGitLabNetwork SecuritynewsCheck Point beefs up SASE offering with $490M Perimeter 81 acquisitionCheck Point Software will integrate Perimater 81's zero trust network access and rapid deployment technology into its existing Infinity product architecture.By Jon Gold 10 Aug 2023 3 minsZero TrustMergers and AcquisitionsNetwork Securitynews analysisIBM launches open-source detection and response framework for MFT attacksThe goal is to help defenders more quickly detect attacks enabled by managed file transfer application vulnerabilities and provide an incident response playbook.By Lucian Constantin 09 Aug 2023 5 minsCyberattacksNetwork SecurityVulnerabilitiesnews analysisAttackers use Cloudflare Tunnel to proxy into victim networksExploiting Cloudflare Tunnel requires little skill and potentially could compromise and entire network.By Lucian Constantin 08 Aug 2023 6 minsCyberattacksCloud SecurityNetwork SecuritynewsKubernetes clusters under attack in hundreds of organizationsMalware and backdoors used in attacks affecting some Fortune 500 companies.By Michael Hill 08 Aug 2023 5 minsCloud SecurityNetwork SecurityOpen SourcenewsVectra AI unveils XDR platform with real-time attack signal intelligenceXDR platform uses native and third-party attack signals across hybrid cloud domains including AWS, Microsoft Azure, and Google Cloud as well as networks and endpoints.By Michael Hill 08 Aug 2023 4 minsThreat and Vulnerability ManagementCloud SecurityNetwork Securitynews analysisBeware of overly permissive Azure AD cross-tenant synchronization policiesA new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft application across tenants.By Lucian Constantin 02 Aug 2023 6 minsActive DirectoryAzure FunctionsCloud SecuritynewsCisco adds new ransomware recovery capabilities to XDR solutionFeatures reduce the time between the beginnings of a ransomware outbreak and capturing a snapshot of business-critical information to enhance business continuity.By Michael Hill 01 Aug 2023 3 minsRansomwareThreat and Vulnerability ManagementNetwork Securitynews analysisNew vulnerabilities mean it's time to review server BMC interfacesTwo recently discovered vulnerabilities in widely used baseboard management controllers could give remote and local threat actors full control over servers. By Lucian Constantin 28 Jul 2023 6 minsNetwork SecurityVulnerabilities Show more Show less View all Resources whitepaper The shift to a security approach for the full application stack This whitepaper discusses how technologists can optimize security for modern application stacks. The post The shift to a security approach for the full application stack appeared first on Whitepaper Repository. By WWT & AppDynamics 05 May 2023Application Performance ManagementEmerging TechnologyIT Management View all Podcasts podcastsSponsored by CiscoSecure Remote Working: what we've learnt and where we go from hereSecure Remote Working is a podcast series looking at how organizations have had to adapt during the COVID19 pandemic; the challenges they faced, the solutions they found, and the long-term impact of secure remote working at scale. This series outlines how the threat landscape changed, the cultural and leadership impacts, and the key technologies that have enabled organizations to continue to operate in difficult circumstances.0 episodeRemote Access Security Ep. 01 Episode 1: Preparing for the next phase in secure remote working 10 Aug 202032 mins Security Ep. 03 Episode 3: Guiding CISOs through change planning for the new way of working 10 Aug 202026 mins Security Video on demand videoGet up to speed on SASE: What's driving demand and how providers' capabilities differAs enterprises build up their mobile, edge and cloud deployments, they’re being challenged to deliver a more efficient, scalable network-security architecture. Secure access service edge (SASE) is the convergence of security and networking in a cloud-delivered model. Learn what’s driving demand for SASE, how SASE providers’ capabilities differ, and the skills companies need to get started. 15 Oct 2021 26 minsSASENetwork SecuritySecurity WAN evolution: From SD-WAN to Secure Access Service Edge (SASE) 25 Jun 2021 31 minsSASESD-WANNetwork Security How have network firewalls evolved? 30 Apr 2018 FirewallsNetwork MonitoringNetwork Security Is it time to kill the pen test? | Salted Hash Ep 22 18 Apr 2018 12 minsHackingNetwork MonitoringCybercrime See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Physical Security Privacy Risk Management Security View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos feature How a digital design firm navigated its SOC 2 audit By Alex Levin 28 Nov 202311 mins CertificationsCompliance news GE investigates alleged data breach into confidential projects: Report By Shweta Sharma 27 Nov 20233 mins Data Breach opinion A year after ChatGPT’s debut, is GenAI a boon or the bane of the CISO’s existence? By Christopher Burgess 27 Nov 20236 mins Generative AIData and Information SecuritySecurity Practices podcast CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison 20 Nov 202315 mins CSO and CISO podcast CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University 16 Oct 202315 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape 10 Oct 202316 mins CSO and CISO video CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison 20 Nov 202315 mins CSO and CISO video AI and Cybersecurity: Speed Bumps, Training, and Communication 06 Nov 202317 mins CyberattacksGenerative AI video CSO Executive Sessions Australia with Robbie Whittome 16 Oct 202315 mins CSO and CISO