Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

News 24 Jan 2025
DOJ indicts 5 individuals in North Korea IT worker scam

An unsealed indictment revealed threat actors working for North Korea tricked at least 64 U.S. businesses into hiring fake IT workers for financial and propriety data gains. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Jan 2025
Zero-day vulnerability in SonicWall SMA series under attack

SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation. Continue Reading
By
- Arielle Waldman, News Writer

News 01 Feb 2024
CISA deputy director touts progress, anti-ransomware efforts

In this Q&A, CISA Deputy Director Nitin Natarajan shares his thoughts on scaling up to meet high demand, the agency's new initiative to address ransomware and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 31 Jan 2024
Ivanti discloses new zero-day flaw, releases delayed patches

While Ivanti customers can start patching two previously disclosed vulnerabilities, they must also address two new flaws for the same product. Continue Reading
By
- Arielle Waldman, News Writer
Tutorial 30 Jan 2024
Why you can benefit from using Always On VPN

The Windows Server feature gives administrators more flexibility to manage clients, while giving users a better overall experience when connecting to enterprise resources. Continue Reading
By
- Brien Posey
Tip 29 Jan 2024
Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Definition 23 Jan 2024
BYOD (bring your own device)

BYOD (bring your own device) is a policy that enables employees in an organization to use their personally owned devices for work-related activities. Continue Reading
By
- Kinza Yasar, Technical Writer
- Reda Chouffani, Biz Technology Solutions
Definition 23 Jan 2024
network slicing

Network slicing is a technique that creates multiple virtual networks on top of a shared physical network to provide greater flexibility in the use and allocation of network resources. Continue Reading
By
- Kinza Yasar, Technical Writer
- John Burke, Nemertes Research
News 18 Jan 2024
CISA posts incident response guide for water utilities

In its guide, CISA urged water and wastewater sector utility operators to harden their security posture, increase information sharing and build incident response plans. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 16 Jan 2024
incident response team

An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency. Continue Reading
By
- Wesley Chai
- Sarah Lewis
Definition 12 Jan 2024
tunneling or port forwarding

Tunneling or port forwarding is the transmission of data intended for use only within a private -- usually corporate -- network through a public network in such a way that the public network's routing nodes are unaware that the transmission is part of a private network. Continue Reading
By
- Rahul Awati
Definition 10 Jan 2024
Wireshark

Wireshark is a widely used network protocol analyzer that lets users capture and view the details of network traffic in real time. It is particularly useful for troubleshooting network issues, analyzing network protocols and ensuring network security. Continue Reading
By
- Katie Terrell Hanna
News 09 Jan 2024
Amsterdam arrest leads to Babuk Tortilla ransomware decryptor

A joint effort by Cisco Talos, Avast and Dutch law enforcement results in an all-encompassing Babuk ransomware recovery key and the arrest of a threat actor. Continue Reading
By
- Arielle Waldman, News Writer
Feature 08 Jan 2024
How to become an incident responder: Requirements and more

Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 05 Jan 2024
5G security: Everything you should know for a secure network

5G touts better security controls than 4G, including stronger encryption, privacy and authentication. But enterprises need to consider the challenges, too. Continue Reading
By
- Michael Cobb
News 03 Jan 2024
SonicWall acquires Banyan to boost zero-trust, SSE offerings

With its second acquisition in two months, SonicWall aims to help enterprises with growing remote workforces through zero-trust network and security service edge offerings. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Dec 2023
10 of the biggest ransomware attacks in 2023

Ransomware attacks against U.S. organizations hit record levels this year as threat actors stepped up extortion tactics and took shaming victims to new levels. Continue Reading
By
- Arielle Waldman, News Writer
Tip 21 Dec 2023
Best practices for secure network automation workflows

It's not enough to build network automation workflows. It's important to secure those workflows, as well. Access control, encryption and collaboration all play important roles. Continue Reading
By
- Verlaine Muhungu
News 19 Dec 2023
FBI leads Alphv/BlackCat takedown, decrypts victims' data

The latest law enforcement effort to halt the surge of ransomware attacks was successful in disrupting one of the most active ransomware-as-a-service groups. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Dec 2023
Russian APT exploiting JetBrains TeamCity vulnerability

The Russian hackers behind the SolarWinds attacks are the latest nation-state group to exploit a critical TeamCity vulnerability to gain initial access to victims' servers. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Dec 2023
How ransomware gangs are engaging -- and using -- the media

New Sophos research shows that ransomware groups are not only attacking technical systems, but taking advantage of information systems as well to pressure victims into paying. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 12 Dec 2023
Application security consolidation remains nuanced

As web application and API protection converge into cloud-based WAAP, Enterprise Strategy Group research shows enterprise interest, but security concerns remain. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 07 Dec 2023
advanced persistent threat (APT)

An advanced persistent threat (APT) is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. Continue Reading
By
- Kinza Yasar, Technical Writer
- Linda Rosencrance
News 06 Dec 2023
Forescout uncovers 21 Sierra Wireless router vulnerabilities

Forescout is urging enterprises to patch software for affected OT/IoT routers as attackers increasingly target edge devices to gain network access to critical infrastructure. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Dec 2023
Ransomware ramps up against private sector in November

Ransomware disclosures and reports increased again in November, with the most disruptive and dangerous attacks occurring against healthcare organizations. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 04 Dec 2023
5 network security predictions for 2024

Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 30 Nov 2023
Black Basta ransomware payments exceed $100M since 2022

Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Nov 2023
Okta: Support system breach affected all customers

Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Nov 2023
Europol, Ukraine police arrest alleged ransomware ringleader

Europol and Ukraine's National Police arrested the alleged leader of a ransomware gang last week, along with four accomplices, dismantling the cybercrime group. Continue Reading
By
- Arielle Waldman, News Writer
Tip 17 Nov 2023
An introduction to IoT penetration testing

IoT systems are complex, and that makes checking for vulnerabilities a challenge. Penetration testing is one way to ensure your IoT architecture is safe from cyber attacks. Continue Reading
By
- Laura Vegh, Laura Vegh Creative
News 16 Nov 2023
CISA, FBI issue alert for ongoing Scattered Spider activity

The government advisory follows several high-profile attacks attributed to Scattered Spider, which uses advanced social engineering techniques like SIM swapping. Continue Reading
By
- Arielle Waldman, News Writer
Definition 16 Nov 2023
Automated Clearing House fraud (ACH fraud)

ACH fraud is the theft of funds through the U.S. Department of the Treasury's Automated Clearing House financial transaction network. Continue Reading
By
- Rahul Awati
News 15 Nov 2023
LockBit observed exploiting critical 'Citrix Bleed' flaw

The Financial Services Information Sharing and Analysis Center warned that LockBit ransomware actors are exploiting CVE-2023-4966, also known as Citrix Bleed. Continue Reading
By
- Arielle Waldman, News Writer
News 15 Nov 2023
VMware discloses critical, unpatched Cloud Director bug

A manual workaround is currently available for a critical VMware Cloud Director Appliance flaw, tracked as CVE-2023-34060, but no patch is available at press time. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 15 Nov 2023
How to protect your organization from IoT malware

IoT devices are attractive targets to attackers, but keeping them secure isn't easy. Still, there are steps to take to minimize risk and protect networks from attacks. Continue Reading
By
- Michael Cobb
Feature 13 Nov 2023
SD-WAN deployments feed SASE network and security convergence

Enterprise Strategy Group's Bob Laliberte discusses the latest findings in his newly released report and why SD-WAN's direct cloud connectivity feeds SASE business initiatives. Continue Reading
By
- Ron Karjian, Industry Editor
Definition 09 Nov 2023
crisis communication

Crisis communication is a strategic approach to corresponding with people and organizations during a disruptive event. Continue Reading
By
- Rahul Awati
- Paul Crocetti, Executive Editor
Tip 07 Nov 2023
Factors to consider when securing industrial IoT networks

Industrial IoT networks differ from enterprise data networks. Keeping them safe requires a security strategy that's specifically crafted for legacy and new devices and sensors. Continue Reading
By
- Dan Jones
Tip 07 Nov 2023
7 useful hardware pen testing tools

Penetration testers use a variety of hardware to conduct security assessments, including a powerful laptop, Raspberry Pi, Rubber Ducky and more. Continue Reading
By
- Rob Shapland
News 06 Nov 2023
Ransomware continues to rise in October across all sectors

Ransomware disclosures and reports surged last month, leading in some cases to bankruptcy filing, prolonged business disruptions and ambulance diversions for hospitals. Continue Reading
By
- Arielle Waldman, News Writer
News 31 Oct 2023
SEC charges SolarWinds for security failures, fraud

The SEC accused SolarWinds and CISO Timothy Brown of hiding known cybersecurity risks that were further highlighted by the supply chain attack revealed in 2020. Continue Reading
By
- Arielle Waldman, News Writer
News 31 Oct 2023
Dual ransomware attacks on the rise, but causes are unclear

While the FBI warned enterprises of an increase in dual ransomware attacks, infosec experts said there's insufficient data to consider the threat a trend. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Oct 2023
NCC Group details 153% spike in September ransomware attacks

NCC Group analysts warned the significant year-over-year increase will likely continue. Organizations may see 4,000 ransomware attacks by the end of 2023. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Oct 2023
1Password stops attack linked to Okta breach

1Password said a threat actor used a HAR file stolen in the recent Okta breach to access the password manager's Okta tenant, but the activity was detected and blocked. Continue Reading
By
- Arielle Waldman, News Writer
Answer 20 Oct 2023
What to know about UDP vulnerabilities and security

UDP is a simple protocol, but it has inherent vulnerabilities that make it prone to attacks, such as limited packet verification, IP spoofing and DDoS attacks. Continue Reading
By
- David Jacobs, The Jacobs Group
News 19 Oct 2023
North Korean hackers exploit critical TeamCity vulnerability

While a patch is available, Microsoft and JetBrains confirmed TeamCity users have been compromised in attacks that leverage CVE-2023-42793 as an initial attack vector. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 19 Oct 2023
Cloud-native firewalls are the next step in network security

The network security challenges associated with cloud provider and virtual firewalls are leading to third parties introducing cloud-native firewalls. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Definition 18 Oct 2023
antispoofing

Antispoofing is a technique for identifying and dropping packets that have a false source address. Continue Reading
By
- Paul Kirvan
- Sharon Shea, Executive Editor
Feature 17 Oct 2023
10 cybersecurity experts to follow on social media

Cybersecurity experts provide valuable insights into the security landscape. Follow this curated list of recognized authorities to stay informed and safeguard your digital assets. Continue Reading
By
- Kinza Yasar, Technical Writer
Podcast 12 Oct 2023
Risk & Repeat: Rapid Reset and the future of DDoS attacks

This podcast episode covers the record-breaking DDoS attack Rapid Reset, why it stands out among other DDoS campaigns and whether it will be widely replicated in the future. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 Oct 2023
'Rapid Reset' DDoS attacks exploiting HTTP/2 vulnerability

Cloudflare said the Rapid Reset DDoS attack was three times larger than the attack it had on record. Google similarly called it 'the largest DDoS attack to date.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 10 Oct 2023
Security posture management a huge challenge for IT pros

Enterprise Strategy Group's John Oltsik explains why executing security hygiene and posture management at scale remains an uphill battle for organizations, despite automation. Continue Reading
By
- Linda Tucci, Industry Editor -- CIO/IT Strategy
News 06 Oct 2023
MGM faces $100M loss from ransomware attack

MGM's 8-K filing revealed some personal customer data was stolen during the September attack and said the company expects cyber insurance to sufficiently cover the losses. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Oct 2023
Microsoft Schannel (Microsoft Secure Channel)

The Microsoft Secure Channel, or Schannel, is a security support package that facilitates the use of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption on Windows platforms. Continue Reading
By
- Madelyn Bacon, TechTarget
Definition 04 Oct 2023
What is ransomware? How it works and how to remove it

Ransomware is a type of malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
News 03 Oct 2023
Ransomware disrupts hospitality, healthcare in September

Ransomware disclosures and reports last month were headlined by attacks on MGM Resorts and Caesars Entertainment, which proved costly to the Las Vegas hospitality giants. Continue Reading
By
- Arielle Waldman, News Writer
Definition 03 Oct 2023
security posture

Security posture refers to an organization's overall cybersecurity strength and how well it can predict, prevent and respond to ever-changing cyberthreats. Continue Reading
By
- Cameron Hashemi-Pour, Former Site Editor
- Linda Rosencrance
Definition 02 Oct 2023
ISO 31000 Risk Management

The ISO 31000 Risk Management framework is an international standard that provides organizations with guidelines and principles for risk management. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Brien Posey
Opinion 02 Oct 2023
Transitioning to single-vendor SASE will take time

New Enterprise Strategy Group research reveals enterprises are interested in single-vendor SASE -- but with multiple tools on hand, the transition will take planning and time. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 29 Sep 2023
How to use Wireshark to sniff and scan network traffic

Wireshark continues to be a critical tool for security practitioners. Learning how to use it to scan network traffic should be on every security pro's to-do list. Continue Reading
By
- Ed Moyle, SecurityCurve
News 28 Sep 2023
US, Japan warn China-linked 'BlackTech' targeting routers

CISA said BlackTech has targeted Cisco and other router makers by using a variety of tools and techniques to modify and even replace devices' firmware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Sep 2023
Cisco patches zero-day vulnerability under attack

Cisco said its Advanced Security Initiatives Group discovered the zero-day flaw while investigating attempted attacks on the vendor's Group Encrypted Transport VPN feature. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Sep 2023
Dallas doles out $8.5M to remediate May ransomware attack

The city of Dallas provided a detailed attack timeline that showed Royal threat actors compromised a service account a month before ransomware was deployed. Continue Reading
By
- Arielle Waldman, News Writer
Tutorial 22 Sep 2023
How to disable removable media access with Group Policy

Removable media can pose serious security problems. But there is a way to control who has access to optical disks and USB drives through Windows' Active Directory. Continue Reading
By
- Damon Garn, Cogspinner Coaction
Definition 21 Sep 2023
DNS over HTTPS (DoH)

DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session. Continue Reading
By
- Brien Posey
News 20 Sep 2023
Okta: Caesars, MGM hacked in social engineering campaign

Identity management vendor Okta had previously disclosed that four unnamed customers had fallen victim to a social engineering campaign that affected victims' MFA protections. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Sep 2023
Cyber insurance report shows surge in ransomware claims

Coalition's H1 2023 report shows ransomware activity increased and severity reached "historic" highs as businesses lost an average of more than $365,000 following an attack. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 19 Sep 2023
Risk & Repeat: MGM, Caesars casino hacks disrupt Las Vegas

This podcast episode compares the cyber attacks suffered by casino giants MGM Resorts and Caesars Entertainment in recent weeks and the fallout from them. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Sep 2023
Caesars Entertainment breached in social engineering attack

Caesars said it took steps after the breach to "ensure that the stolen data is deleted by the unauthorized actor," suggesting it paid a ransom to the attackers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Sep 2023
Palo Alto Networks: 80% of security exposures exist in cloud

It's no surprise that organizations struggle with cloud security, but a new report reveals an alarming split between cloud and on-premise security exposures. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Sep 2023
Browser companies patch critical zero-day vulnerability

While attack details remain unknown, Chrome, Edge and Firefox users are being urged to update their browsers as an exploit for CVE-2023-4863 lurks in the wild. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Sep 2023
Cisco VPN flaw faces attempted Akira ransomware attacks

Cisco said it became aware of 'attempted exploitation' last month and referenced an Aug. 24 security advisory saying its VPNs were under attack by the Akira ransomware gang. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Sep 2023
How Storm-0558 hackers stole an MSA key from Microsoft

Microsoft detailed a series of errors that led to a consumer account signing key accidentally being included in a crash dump that was later accessed by Storm-0558 actors. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Sep 2023
Ransomware attacks on education sector spike in August

While data breach notifications for MoveIt Transfer customers continued to rise, August also saw ransomware ramp up against schools and universities as classes resumed. Continue Reading
By
- Arielle Waldman, News Writer
News 30 Aug 2023
FBI, Justice Department dismantle Qakbot malware

The FBI operation, one of the largest U.S.-led botnet disruption efforts ever, included international partners such as France, Germany, the Netherlands and the United Kingdom. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 29 Aug 2023
Microsoft Teams attack exposes collab platform security gaps

Criminal and state-sponsored hackers are ramping up cyberattacks on instant messaging platforms and other workplace collaboration tools. Meanwhile, enterprises' readiness lags. Continue Reading
By
- Shaun Sutner, Senior News Director
News 29 Aug 2023
Mandiant reveals new backdoors used in Barracuda ESG attacks

Further investigations show threat actors were prepared for Barracuda Networks' remediation efforts, including an action notice to replace all compromised devices. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Aug 2023
FBI: Suspected Chinese actors continue Barracuda ESG attacks

The alert comes after Barracuda Networks issued an advisory stating that patches for CVE-2023-2868 were insufficient and all affected ESG devices need to be replaced. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Aug 2023
Sophos: RDP played a part in 95% of attacks in H1 2023

While Sophos observed increasing activity around Active Directory and Remote Desktop Protocol abuse, it recommended simple mitigation steps can limit the attack surface. Continue Reading
By
- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
Definition 23 Aug 2023
network vulnerability scanning

Network vulnerability scanning is the process of inspecting and reporting potential vulnerabilities and security loopholes on a computer, network, web application or other device, including firewalls, switches, routers and wireless access points. Continue Reading
By
- Kinza Yasar, Technical Writer
News 17 Aug 2023
CISA, vendors warn Citrix ShareFile flaw under attack

A vulnerability in the managed file transfer product that enterprises use is being actively exploited two months after Citrix released a fix. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Aug 2023
Onapsis researchers detail new SAP security threats

At Black Hat 2023, Onapsis researchers demonstrated how attackers could chain a series of SAP vulnerabilities impacting the P4 protocol to gain root access to a target network. Continue Reading
By
- Arielle Waldman, News Writer
Tip 09 Aug 2023
Types of Nmap scans and best practices

Nmap scanning helps network teams with network reconnaissance and vulnerability discovery. Common types of scans include TCP SYN, OS detection, vulnerability and version detection. Continue Reading
By
- Verlaine Muhungu
Definition 07 Aug 2023
IoT security (internet of things security)

IoT security (internet of things security) is the technology segment focused on safeguarding connected devices and networks in IoT. Continue Reading
By
- Kinza Yasar, Technical Writer
- Sharon Shea, Executive Editor
- Ivy Wigmore
News 03 Aug 2023
MoveIt Transfer attacks dominate July ransomware disclosures

Traditional ransomware attacks took a back seat last month, as Clop operators continued to claim victims from the zero-day attacks on MoveIt Transfer customers. Continue Reading
By
- Arielle Waldman, News Writer
Tip 01 Aug 2023
Top 5 benefits of SASE to enhance network security

A cloud-based distributed architecture, centralized management and endpoint-specific security policies are just some of the benefits of Secure Access Service Edge. Continue Reading
By
- Terry Slattery, NetCraftsmen
News 27 Jul 2023
Google: 41 zero-day vulnerabilities exploited in 2022

While attackers increasingly exploited zero-day flaws last year, one of the most notable findings from the report emphasized how inadequate patches led to new variants. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Jul 2023
Thoma Bravo sells Imperva to Thales Group for $3.6B

With the acquisition, Thales looks to expand its Digital Security and Identity business with an increased focus on protecting web applications and API. Continue Reading
By
- Arielle Waldman, News Writer
Tip 25 Jul 2023
5 steps to approach BYOD compliance policies

It can be difficult to ensure BYOD endpoints are compliant because IT can't configure them before they ship to users. Admins must enforce specific policies to make up for this. Continue Reading
By
- Will Kelly
- Mike Chapple, University of Notre Dame
News 20 Jul 2023
Cyber insurers adapting to data-centric ransomware threats

Cyber insurance carriers and infosec vendors weigh in on how the shift in ransomware tactics is affecting policies and coverage, presenting challenges for enterprises. Continue Reading
By
- Arielle Waldman, News Writer
News 17 Jul 2023
Microsoft still investigating stolen MSA key from email attacks

While Microsoft provided additional attack details and techniques used by Storm-0558, it remains unclear how the Microsoft account signing key was acquired. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Jul 2023
Microsoft: Government agencies breached in email attacks

While Microsoft mitigated the attacks and found no evidence of further access beyond the email accounts, the Outlook breaches raised questions for the software giant. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Jul 2023
Russia-based actor exploited unpatched Office zero day

Microsoft investigated an ongoing phishing campaign that leverages Word documents to deliver malicious attachments to targeted organizations in the U.S. and Europe. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 11 Jul 2023
Risk & Repeat: How bad is Clop's MoveIt Transfer campaign?

Clop's data theft and extortion campaign against MoveIt Transfer customers marks some of the most high-profile threat activity this year, but its success level remains unclear. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 Jul 2023
TPG Capital acquires Forcepoint's government unit for $2.45B

Forcepoint's Global Governments and Critical Infrastructure unit will operate independently under TPG, while the commercial business will remain at Francisco Partners. Continue Reading
By
- Arielle Waldman, News Writer
Feature 10 Jul 2023
Wi-Fi AP placement best practices and security policies

From a security standpoint, Wi-Fi network designers should consider the physical and logical placement of APs, as well as management, segmentation and rogue devices. Continue Reading
By
- Lee Badman
Definition 07 Jul 2023
bridge

A bridge is a class of network device designed to connect networks at OSI Level 2, which is the data link layer of a local area network. Continue Reading
By
- Tom Nolle, Andover Intel
Definition 07 Jul 2023
network intrusion protection system (NIPS)

A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. Continue Reading
By
- Paul Kirvan
News 05 Jul 2023
June saw flurry of ransomware attacks on education sector

As the school year culminated, ransomware attacks surged across K-12 schools and universities, causing class disruptions and putting sensitive data at risk. Continue Reading
By
- Arielle Waldman, News Writer
Tutorial 05 Jul 2023
3 ways to troubleshoot using Wireshark and tcpdump

Protocol analyzer tools, such as Wireshark and tcpdump, can help network administrators identify protocols in the network, analyze network performance and discover network devices. Continue Reading
By
- Damon Garn, Cogspinner Coaction
News 28 Jun 2023
DDoS attacks surging behind new techniques, geopolitical goals

A rise in massive DDoS attacks, some of which target the application layer and cause significant disruptions, might require new defense strategies from cybersecurity vendors. Continue Reading
By
- Arielle Waldman, News Writer
News 27 Jun 2023
Censys finds hundreds of exposed devices in federal orgs

Censys found exposed instances of Progress Software's MoveIt Transfer and Barracuda Networks' Email Security Gateway appliances during its analysis of FCEB agency networks. Continue Reading
By
- Alexander Culafi, Senior News Writer