Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
Tip
20 Nov 2024
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
-
News
19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack
CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
-
News
03 Jun 2024
Mandiant: Ransomware investigations up 20% in 2023
The cybersecurity company observed a sharp rise in activity on data leak sites in 2023 as well as an increase in ransomware actors using legitimate commercial tools during attacks. Continue Reading
-
News
30 May 2024
Law enforcement conducts 'largest ever' botnet takedown
An international law enforcement effort called 'Operation Endgame' disrupted several infamous malware loaders and botnets used by ransomware gangs and other cybercriminals. Continue Reading
-
Answer
30 May 2024
Top 6 benefits of zero-trust security for businesses
The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the top six business benefits of zero trust here. Continue Reading
-
News
29 May 2024
Check Point discovers vulnerability tied to VPN attacks
While Check Point identified CVE-2024-24919 as the root cause behind recent attack attempts on its VPN products, it's unclear if threat actors gained access to customer networks. Continue Reading
-
News
28 May 2024
Check Point warns of threat actors targeting VPNs
Check Point said threat actors were targeting a small number of customers by attempting to compromise local VPN accounts that only utilized passwords for authentication. Continue Reading
-
News
28 May 2024
How AI could bolster software supply chain security
Supply chain risks have become more complicated and continue to affect a variety of organizations, but Synopsys' Tim Mackey believes AI could help create more secure software. Continue Reading
-
Definition
23 May 2024
wireless intrusion prevention system (WIPS)
A wireless intrusion prevention system (WIPS) is a dedicated security device or integrated software application that monitors a wireless local area network (WLAN) or Wi-Fi network's radio spectrum for rogue access points (APs) and other wireless threats. Continue Reading
-
Definition
23 May 2024
virtual firewall
A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment. Continue Reading
-
News
21 May 2024
Rapid7 warns of alarming zero-day vulnerability trends
The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days. Continue Reading
-
News
20 May 2024
CyberArk to acquire Venafi from Thoma Bravo for $1.5B
CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1. Continue Reading
-
News
16 May 2024
What LockBitSupp charges mean for ransomware investigations
At RSA Conference 2024, Recorded Future's Allan Liska discussed evolving ransomware trends and how authorities recently exposed the LockBit ransomware group ringleader. Continue Reading
-
News
16 May 2024
IBM sells QRadar SaaS assets to Palo Alto Networks
The deal with Palo Alto Networks comes one year after IBM announced QRadar Suite, an AI-enhanced security platform that combined existing SIEM and XDR products. Continue Reading
-
News
15 May 2024
AI-driven attacks seen as chief cloud security threat
Tried and true cloud security threats are on the rise. But according to a new report from Palo Alto Networks, the specter of generative AI threats has organizations concerned. Continue Reading
-
News
14 May 2024
SonicWall CEO talks transformation, security transparency
SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled. Continue Reading
-
Definition
10 May 2024
Pegasus malware
Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram. Continue Reading
-
Feature
09 May 2024
Build a resilient network: What I learned from 5 thought leaders
At the 2024 'Strategies for a Resilient Network' summit, five thought leaders shared best practices to help you achieve optimal network resiliency. Learn more. Continue Reading
-
News
08 May 2024
National Security Agency warns against paying ransoms
Rob Joyce and David Luber, former and current directors of cybersecurity at the NSA, discuss how the ransomware attack on Change Healthcare exemplified the cons of paying ransoms. Continue Reading
-
News
08 May 2024
White House: Threats to critical infrastructure are 'severe'
While the White House released the new National Cybersecurity Strategy last year to help combat threats to critical infrastructure organizations, attacks have continued. Continue Reading
-
News
07 May 2024
SentinelOne: Ransomware actors are adapting to EDR
At RSA Conference 2024, SentinelOne's Alex Stamos discussed ongoing global threats such as ransomware and how threat actors are changing their techniques. Continue Reading
-
News
07 May 2024
U.S. agencies continue to observe Volt Typhoon intrusions
A panel of experts at RSA Conference 2024 discussed Volt Typhoon and warned the Chinese nation-state threat group is still targeting and compromising U.S. organizations. Continue Reading
-
Definition
06 May 2024
social engineering penetration testing
Social engineering penetration testing is the practice of deliberately conducting typical social engineering scams on employees to ascertain the organization's level of vulnerability to this type of exploit. Continue Reading
-
News
06 May 2024
Cisco details Splunk security integrations, AI developments
Just two months after Cisco completed its $28 billion acquisition of analytics giant Splunk, the company added XDR capabilities into Splunk Enterprise Security. Continue Reading
-
News
01 May 2024
U.S. warns of pro-Russian hacktivist attacks against OT systems
CISA calls on OT device manufacturers to implement more effective security protocols as attacks against critical infrastructure organizations continue. Continue Reading
-
Definition
01 May 2024
remote access
Remote access is the ability for an authorized person to access a computer or network from a geographical distance through a network connection. Continue Reading
-
News
30 Apr 2024
Change Healthcare breached via Citrix portal with no MFA
UnitedHealth Group CEO Andrew Witty's opening statement for Wednesday's congressional hearing shed more light on the ransomware attack against Change Healthcare. Continue Reading
-
Tip
30 Apr 2024
How SASE convergence affects organizational silos
Most enterprises have siloed departments, but SASE's convergence of network and security functions is disrupting those constructs and driving the need for more team communication. Continue Reading
-
Definition
25 Apr 2024
disaster recovery (DR)
Disaster recovery (DR) is an organization's ability to respond to and recover from an event that negatively affects business operations. Continue Reading
-
News
25 Apr 2024
Dymium scares ransomware attacks with honeypot specters
Dymium, a security startup that recently emerged from stealth, offers ransomware defense for data stores with a network of honeypot traps for spoofing attackers. Continue Reading
-
News
24 Apr 2024
Critical CrushFTP zero-day vulnerability under attack
While a patch is now available, a critical CrushFTP vulnerability came under attack as a zero-day and could allow attackers to exfiltrate all files on the server. Continue Reading
-
Tip
23 Apr 2024
Creating a patch management policy: Step-by-step guide
A comprehensive patch management policy is insurance against security vulnerabilities and bugs in networked hardware and software that can disrupt your critical business processes. Continue Reading
-
News
18 Apr 2024
Cisco discloses high-severity vulnerability, PoC available
The security vendor released fixes for a vulnerability that affects Cisco Integrated Management Controller, which is used by devices including routers and servers. Continue Reading
-
Answer
18 Apr 2024
Stateful vs. stateless firewalls: Understanding the differences
Stateful firewalls are the norm in most networks, but there are still times where a stateless firewall fits the bill. Learn how these firewalls work and what approach might be best. Continue Reading
-
News
17 Apr 2024
Mandiant upgrades Sandworm to APT44 due to increasing threat
Over the past decade, Sandworm has been responsible for high-severity attacks that highlight the group's persistence, evasion techniques and threat to government bodies. Continue Reading
-
News
16 Apr 2024
OT security vendor Nozomi Networks lands Air Force contract
Nozomi Networks CEO Edgard Capdevielle said the $1.25 million contract will be a guarantee that 'our products will continue to meet the requirements of the Air Force.' Continue Reading
-
News
11 Apr 2024
CISA discloses Sisense breach, customer data compromised
CISA is investigating a breach of data analytics vendor Sisense that may have exposed customers' credentials and secrets and could impact critical infrastructure organizations. Continue Reading
-
News
08 Apr 2024
Flaws in legacy D-Link NAS devices under attack
Internet scans show threat actors are targeting CVE-2024-3273 in thousands of end-of-life D-Link NAS devices, and exploitation requires no authentication. Continue Reading
-
News
04 Apr 2024
Ransomware attacks ravaged municipal governments in March
Many municipalities across the U.S. faced network outages, data breaches and large ransom demands following a flurry of ransomware attacks last month. Continue Reading
-
News
03 Apr 2024
Sophos: Ransomware present in 70% of IR investigations
Sophos' Active Adversary Report said securing remote desktop protocols and Active Directories and hardening credentials can help limit the influx of successful ransomware attacks. Continue Reading
-
Feature
02 Apr 2024
SASE vs. SD-WAN: What's the difference?
SASE and SD-WAN are two similar architectures administrators use to provide secure network access, but they differ in terms of deployment, security, connectivity and more. Continue Reading
-
News
26 Mar 2024
SQL injection vulnerability in Fortinet software under attack
Fortinet and CISA confirmed CVE-2023-48788 is being actively exploited. But the Shadowserver Foundation found that many vulnerable instances remain online. Continue Reading
-
Tip
25 Mar 2024
Agent vs. agentless security: Learn the differences
Enterprises can either use an agent or agentless approach to monitor and secure their networks. Each approach has benefits and drawbacks. Continue Reading
-
News
21 Mar 2024
NCC Group: Ransomware attacks jump 73% in February
While NCC Group expected an increase in ransomware attacks from January to February, year-over-year data showed just how persistent the threat is to enterprises. Continue Reading
-
Tip
21 Mar 2024
10 remote work cybersecurity risks and how to prevent them
Larger attack surfaces, limited oversight of data use and more vulnerable technologies are among the security risks faced in remote work environments. Continue Reading
-
Tip
21 Mar 2024
How to avoid internet black holes for the network
Black holes in the network disrupt connectivity and compromise data integrity. Network monitoring, team collaboration and routing optimization help minimize the negative effects. Continue Reading
-
News
18 Mar 2024
Exploitation activity increasing on Fortinet vulnerability
The Shadowserver Foundation recently saw an increase in exploitation activity for CVE-2024-21762, two days after a proof-of-concept exploit was published. Continue Reading
-
Definition
15 Mar 2024
virus (computer virus)
A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an infected system and it often propagates to other systems, much like a biological virus spreads from host to host. Continue Reading
-
Definition
14 Mar 2024
virus signature (virus definition)
A virus signature, also known as a 'virus definition,' is a piece of code with a unique binary pattern that identifies a computer virus or family of viruses. Continue Reading
-
Tip
12 Mar 2024
How to secure on-prem apps with Entra Application Proxy
There's nothing wrong with using a VPN to securely connect to on-premises web apps, but Microsoft Entra Application Proxy is an alternative with a more streamlined approach. Continue Reading
-
News
12 Mar 2024
LockBit attacks continue via ConnectWise ScreenConnect flaws
Coalition is latest company to confirm LockBit activity against vulnerable ScreenConnect instances. But the insurer found significant differences between previous LockBit attacks. Continue Reading
-
Feature
07 Mar 2024
VPNs persist amid the rise of ZTNA, other VPN alternatives
VPN use continues despite its outdated status in the networking industry. But usage has declined as enterprises make room for remote access alternatives, like ZTNA, SASE and more. Continue Reading
-
Answer
07 Mar 2024
The differences between inbound and outbound firewall rules
Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses. Continue Reading
-
News
05 Mar 2024
Critical JetBrains TeamCity vulnerabilities under attack
Exploitation activity has started against two vulnerabilities in JetBrains TeamCity, which has been targeted previously by nation-state threat actors such as Russia's Cozy Bear. Continue Reading
-
News
29 Feb 2024
CISA warns Ivanti ICT ineffective for detecting compromises
CISA observed ongoing exploitation against four Ivanti vulnerabilities and found problems with the vendor's Integrity Checker Tool, which is designed to detect compromises. Continue Reading
-
Definition
27 Feb 2024
OpenSSL
OpenSSL is an open source cryptographic toolkit that facilitates secure communications between endpoints on a network. Continue Reading
-
Tutorial
26 Feb 2024
How to use a jump server to link security zones
Jump servers are a perfect example of less is more. By using these slimmed-down boxes, administrators can connect to multiple resources securely. Continue Reading
-
News
21 Feb 2024
Coalition: Vulnerability scoring systems falling short
Coalition said enterprises faced more substantial fallout from attacks on Citrix Bleed and Progress Software's MoveIt Transfer due to inadequate vulnerability prioritization. Continue Reading
-
Tip
20 Feb 2024
A network compliance checklist for remote work
This network compliance checklist for remote work provides best practices on establishing remote policies and procedures, help desk support and data backup, among other steps. Continue Reading
-
News
15 Feb 2024
Ransomware disrupts utilities, infrastructure in January
Ransomware attacks last month caused outages and disruptions at public sector and critical infrastructure organizations as well as a major financial services firm. Continue Reading
-
News
15 Feb 2024
Eclypsium: Ivanti firmware has 'plethora' of security issues
In its firmware analysis, Eclypsium found that the Ivanti Pulse Secure appliance used a version of Linux that was more than a decade old and several years past end of life. Continue Reading
-
Tip
14 Feb 2024
What is cybersecurity mesh and how can it help you?
The concept of cybersecurity mesh could help solve and simplify issues created by multi-cloud deployments and the increase in remote work environments. Continue Reading
-
Tip
13 Feb 2024
How to conduct a social engineering penetration test
Social engineering attacks are becoming more sophisticated and more damaging. Penetration testing is one of the best ways to learn how to safeguard your systems against attack. Continue Reading
-
News
12 Feb 2024
CISA warns Fortinet zero-day vulnerability under attack
CISA alerted federal agencies that a critical zero-day vulnerability in FortiOS is being actively exploited, though Fortinet has yet to confirm reports. Continue Reading
-
News
08 Feb 2024
NCC Group records the most ransomware victims ever in 2023
Enterprises faced an alarming number of ransomware attacks as gangs targeted supply chains and took advantage of zero-day vulnerabilities and organizations' patching struggles. Continue Reading
-
News
07 Feb 2024
CISA: Volt Typhoon had access to some U.S. targets for 5 years
A joint cybersecurity advisory expanded on the Volt Typhoon threat Wednesday, confirming attackers maintained prolonged persistent access to critical infrastructure targets. Continue Reading
-
Tip
07 Feb 2024
NetSecOps best practices for network engineers
Network engineers increasingly need to align their duties with security, such as implementing continuous monitoring, deploying threat intelligence and collaborating with security. Continue Reading
-
Tip
07 Feb 2024
How ZTNA protects against internal network threats
ZTNA has grown in popularity as a method to enable remote access and mitigate security risks, but businesses can also use ZTNA to protect against internal threats inside a network. Continue Reading
-
Tip
05 Feb 2024
Shadow AI poses new generation of threats to enterprise IT
AI is all the rage -- and so is shadow AI. Learn how unsanctioned use of generative AI tools can open organizations up to significant risks and what to do about it. Continue Reading
-
Definition
02 Feb 2024
communications security (COMSEC)
Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic or to any written information that is transmitted or transferred. Continue Reading
-
News
01 Feb 2024
Critical infrastructure hacks raise alarms on Chinese threats
FBI Director Christopher Wray and CISA Director Jen Easterly warned that China was targeting critical infrastructure for possible destructive attacks in the event of a conflict with the United States. Continue Reading
-
News
01 Feb 2024
CISA deputy director touts progress, anti-ransomware efforts
In this Q&A, CISA Deputy Director Nitin Natarajan shares his thoughts on scaling up to meet high demand, the agency's new initiative to address ransomware and more. Continue Reading
-
News
31 Jan 2024
Ivanti discloses new zero-day flaw, releases delayed patches
While Ivanti customers can start patching two previously disclosed vulnerabilities, they must also address two new flaws for the same product. Continue Reading
-
Tutorial
30 Jan 2024
Why you can benefit from using Always On VPN
The Windows Server feature gives administrators more flexibility to manage clients, while giving users a better overall experience when connecting to enterprise resources. Continue Reading
-
Tip
29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
-
Definition
23 Jan 2024
managed detection and response (MDR)
Managed detection and response (MDR) services are a collection of network-, host- and endpoint-based cybersecurity technologies that a third-party provider manages for a client organization. Continue Reading
-
Definition
23 Jan 2024
BYOD (bring your own device)
BYOD (bring your own device) is a policy that enables employees in an organization to use their personally owned devices for work-related activities. Continue Reading
-
Definition
23 Jan 2024
network slicing
Network slicing is a technique that creates multiple virtual networks on top of a shared physical network to provide greater flexibility in the use and allocation of network resources. Continue Reading
-
News
18 Jan 2024
CISA posts incident response guide for water utilities
In its guide, CISA urged water and wastewater sector utility operators to harden their security posture, increase information sharing and build incident response plans. Continue Reading
-
Definition
16 Jan 2024
incident response team
An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency. Continue Reading
-
Definition
12 Jan 2024
tunneling or port forwarding
Tunneling or port forwarding is the transmission of data intended for use only within a private -- usually corporate -- network through a public network in such a way that the public network's routing nodes are unaware that the transmission is part of a private network. Continue Reading
-
Definition
10 Jan 2024
Wireshark
Wireshark is a widely used network protocol analyzer that lets users capture and view the details of network traffic in real time. It is particularly useful for troubleshooting network issues, analyzing network protocols and ensuring network security. Continue Reading
-
News
09 Jan 2024
Amsterdam arrest leads to Babuk Tortilla ransomware decryptor
A joint effort by Cisco Talos, Avast and Dutch law enforcement results in an all-encompassing Babuk ransomware recovery key and the arrest of a threat actor. Continue Reading
-
Feature
08 Jan 2024
How to become an incident responder: Requirements and more
Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
-
Tip
05 Jan 2024
5G security: Everything you should know for a secure network
5G touts better security controls than 4G, including stronger encryption, privacy and authentication. But enterprises need to consider the challenges, too. Continue Reading
-
News
03 Jan 2024
SonicWall acquires Banyan to boost zero-trust, SSE offerings
With its second acquisition in two months, SonicWall aims to help enterprises with growing remote workforces through zero-trust network and security service edge offerings. Continue Reading
-
News
21 Dec 2023
10 of the biggest ransomware attacks in 2023
Ransomware attacks against U.S. organizations hit record levels this year as threat actors stepped up extortion tactics and took shaming victims to new levels. Continue Reading
-
Tip
21 Dec 2023
Best practices for secure network automation workflows
It's not enough to build network automation workflows. It's important to secure those workflows, as well. Access control, encryption and collaboration all play important roles. Continue Reading
-
News
19 Dec 2023
FBI leads Alphv/BlackCat takedown, decrypts victims' data
The latest law enforcement effort to halt the surge of ransomware attacks was successful in disrupting one of the most active ransomware-as-a-service groups. Continue Reading
-
News
14 Dec 2023
Russian APT exploiting JetBrains TeamCity vulnerability
The Russian hackers behind the SolarWinds attacks are the latest nation-state group to exploit a critical TeamCity vulnerability to gain initial access to victims' servers. Continue Reading
-
News
13 Dec 2023
How ransomware gangs are engaging -- and using -- the media
New Sophos research shows that ransomware groups are not only attacking technical systems, but taking advantage of information systems as well to pressure victims into paying. Continue Reading
-
Opinion
12 Dec 2023
Application security consolidation remains nuanced
As web application and API protection converge into cloud-based WAAP, Enterprise Strategy Group research shows enterprise interest, but security concerns remain. Continue Reading
-
Definition
07 Dec 2023
advanced persistent threat (APT)
An advanced persistent threat (APT) is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. Continue Reading
-
News
06 Dec 2023
Forescout uncovers 21 Sierra Wireless router vulnerabilities
Forescout is urging enterprises to patch software for affected OT/IoT routers as attackers increasingly target edge devices to gain network access to critical infrastructure. Continue Reading
-
News
05 Dec 2023
Ransomware ramps up against private sector in November
Ransomware disclosures and reports increased again in November, with the most disruptive and dangerous attacks occurring against healthcare organizations. Continue Reading
-
Opinion
04 Dec 2023
5 network security predictions for 2024
Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence. Continue Reading
-
News
30 Nov 2023
Black Basta ransomware payments exceed $100M since 2022
Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years. Continue Reading
-
News
29 Nov 2023
Okta: Support system breach affected all customers
Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year. Continue Reading
-
News
28 Nov 2023
Europol, Ukraine police arrest alleged ransomware ringleader
Europol and Ukraine's National Police arrested the alleged leader of a ransomware gang last week, along with four accomplices, dismantling the cybercrime group. Continue Reading
-
Tip
17 Nov 2023
An introduction to IoT penetration testing
IoT systems are complex, and that makes checking for vulnerabilities a challenge. Penetration testing is one way to ensure your IoT architecture is safe from cyber attacks. Continue Reading
-
News
16 Nov 2023
CISA, FBI issue alert for ongoing Scattered Spider activity
The government advisory follows several high-profile attacks attributed to Scattered Spider, which uses advanced social engineering techniques like SIM swapping. Continue Reading
-
Definition
16 Nov 2023
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the U.S. Department of the Treasury's Automated Clearing House financial transaction network. Continue Reading