Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

News 19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack

CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 Nov 2024
What CISOs need to know to build an OT cybersecurity program

More companies are tasking CISOs with operational technology security. But this oversight means a new strategy for those unfamiliar with building an effective OT security program. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
- Sharon Shea, Executive Editor

News 16 May 2023
Coalition: Employee actions are driving cyber insurance claims

After analyzing cyber insurance claims data, Coalition determined that phishing escalated in 2022, ransomware dropped and timely patching remained a consistent problem. Continue Reading
By
- Arielle Waldman, News Writer
News 08 May 2023
Western Digital confirms ransomware actors stole customer data

Western Digital issued an update late Friday that confirmed customer data was stolen in an attack for which Alphv ransomware actors claimed responsibility. Continue Reading
By
- Arielle Waldman, News Writer
Feature 05 May 2023
How to start handling Azure network security

Before adopting Microsoft Azure, it's important to consider how to secure the cloud network. That's where network security groups and Azure Firewall come in. Continue Reading
By
- Kyle Johnson, Technology Editor
News 04 May 2023
Ransomware gangs display ruthless extortion tactics in April

Ransomware groups are pressuring enterprises into paying with harsher extortion tactics, contacting individual victims directly and leaking stolen photos and video footage. Continue Reading
By
- Arielle Waldman, News Writer
Tip 04 May 2023
Review the components of VMware SASE Platform

VMware SASE Platform provides many strong networking and security capabilities, but it comes in an offering that feels like many individual products packaged together. Continue Reading
By
- Steve Garson, SD-WAN Experts
Tip 28 Apr 2023
The pros and cons of VPNs for enterprises

VPNs use different protocols and encryption to protect data and prevent unauthorized users from accessing company resources. But those protocols come with their own benefits and challenges. Continue Reading
By
- David Jacobs, The Jacobs Group
Definition 26 Apr 2023
cloaking

Cloaking is a technique where a different version of web content is returned to users than to the search engine crawlers. Continue Reading
By
- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
News 25 Apr 2023
Google, Mandiant highlight top threats, evolving adversaries

Enterprises are struggling to keep up as adversary groups improve tactics. But one of the most difficult groups to defend against, according to Google and Mandiant, was a surprise. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Apr 2023
Point32Health confirms service disruption due to ransomware

A ransomware attack interrupted access to services provided by one of New England's largest healthcare insurers, though the scope of affected customers and data remains unknown. Continue Reading
By
- Arielle Waldman, News Writer
Definition 19 Apr 2023
cloud workload protection

Cloud workload protection is the safeguarding of workloads spread out across multiple cloud environments. Businesses that use public and private clouds can use cloud workload protection platforms to help defend themselves against cyber attacks. Continue Reading
By
- Ian Palmer
Definition 19 Apr 2023
firewall

A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
Definition 14 Apr 2023
CDN (content delivery network)

A CDN (content delivery network), also called a content distribution network, is a group of geographically distributed and interconnected servers. Continue Reading
By
- Kinza Yasar, Technical Writer
News 12 Apr 2023
Nokoyawa ransomware exploits Windows CLFS zero-day

The Nokoyawa ransomware attacks highlight the growing use of zero-day exploits by a variety of threat groups, including financially motivated cybercriminals. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Apr 2023
Recorded Future launches OpenAI GPT model for threat intel

The new OpenAI GPT model was trained on Recorded Future's large data set and interprets evidence to help support enterprises struggling with cyberdefense. Continue Reading
By
- Arielle Waldman, News Writer
Tip 11 Apr 2023
SD-WAN vs. VPN: How do they compare?

When comparing SD-WAN and VPN, enterprises choosing between the two technologies should consider factors like cost, management and routing intelligence. Continue Reading
By
- Robert Sturt, Netify
Definition 06 Apr 2023
war driving (access point mapping)

War driving, also called access point mapping, is the act of locating and possibly exploiting connections to wireless local area networks (WLANs) while driving around a city or elsewhere. Continue Reading
By
- Rahul Awati
News 05 Apr 2023
42% of IT leaders told to maintain breach confidentiality

While transparency and prompt reporting are important steps following an attack, Bitdefender found that many IT professionals were told to maintain confidentiality after a breach. Continue Reading
By
- Arielle Waldman, News Writer
Feature 05 Apr 2023
ICS kill chain: Adapting the cyber kill chain to ICS environments

As IT/OT convergence continues to gain traction, industrial control system security cannot be ignored. Performing pen tests based on the ICS Kill Chain can help. Continue Reading
By
- Sharon Shea, Executive Editor
- Packt Publishing
Feature 05 Apr 2023
An intro to the IDMZ, the demilitarized zone for ICSes

Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 05 Apr 2023
Reinforce industrial control system security with ICS monitoring

Monitoring an industrial control system environment isn't that different from monitoring a traditional IT environment, but there are some considerations to keep in mind. Continue Reading
By
- Sharon Shea, Executive Editor
News 04 Apr 2023
March ransomware disclosures spike behind Clop attacks

The Clop ransomware gang claimed responsibility for several disclosed ransomware attacks on major enterprises, which stemmed from a zero-day flaw in Fortra's GoAnywhere software. Continue Reading
By
- Arielle Waldman, News Writer
Definition 03 Apr 2023
Temporal Key Integrity Protocol (TKIP)

Temporal Key Integrity Protocol (TKIP) is an encryption protocol included in the Institute of Electrical and Electronics Engineers (IEEE) 802.11i standard for wireless local area networks (WLANs). Continue Reading
By
- Rahul Awati
Definition 23 Mar 2023
cyber espionage

Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government entity. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Tip 22 Mar 2023
How network perimeters secure enterprise networks

Network perimeters serve as essential network security to block unwanted traffic. Find out how they differ from the network edge and how they help secure enterprise networks. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 16 Mar 2023
U.S. federal agency hacked via 3-year-old Telerik UI flaw

A CISA advisory said multiple threat actors recently exploited a Progress Telerik UI vulnerability, first disclosed in 2019, to breach an unnamed federal civilian agency. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Mar 2023
Dell launches new security offerings for data protection, MDR

Dell's new and expansive services focus on top security challenges enterprises face, such as data protection, ransomware recovery and supply chain threats. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Mar 2023
Magniber ransomware actors exploiting Microsoft zero day

Magniber ransomware actors discovered a way to bypass Microsoft's remediation for a previous SmartScreen vulnerability to attack enterprises, according to Google researchers. Continue Reading
By
- Arielle Waldman, News Writer
Feature 13 Mar 2023
How to apply and edit Wireshark display filters

Wireshark display filters enable users to narrow the scope of a network traffic scan. Use this tutorial to apply and edit display filters to make detailed network sniffing easier. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Feature 13 Mar 2023
Customize workflows with Wireshark profiles

Wireshark has a variety of uses, which is why creating multiple personalized Wireshark profiles is important. Learn about Wireshark profiles, how to share them and more. Continue Reading
By
- Kyle Johnson, Technology Editor
News 09 Mar 2023
IceFire ransomware targets Linux, exploits IBM vulnerability

IceFire ransomware actors have shifted their attention to Linux servers and are actively exploiting a known vulnerability in IBM's Aspera Faspex file sharing software. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Mar 2023
Flashpoint: Threat vectors converging, increasing damage

The threat intelligence vendor warned that threat actors are increasingly combining known vulnerabilities, stolen credentials and exposed data to wreak maximum damage. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Mar 2023
Cisco, HPE plug holes in cloud security portfolios

Hewlett Packard Enterprise also unveiled plans to acquire Athonet, an Italian company that provides cellular technology for private 4G and 5G networks. Continue Reading
By
- Antone Gonsalves, News Director
Definition 07 Mar 2023
network switch

A network switch connects devices in a network to each other, enabling them to talk by exchanging data packets. Switches can be hardware devices that manage physical networks or software-based virtual devices. Continue Reading
By
- Kinza Yasar, Technical Writer
- John Burke, Nemertes Research
News 06 Mar 2023
Police raids target 'core' DoppelPaymer ransomware members

A coordinated law enforcement effort last week resulted in raids and arrest warrants against 'core members' of the infamous DoppelPaymer ransomware group. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 02 Mar 2023
Accurately assessing the success of zero-trust initiatives

Zero-trust preparation can be difficult. Measuring how well the model provides security and business benefits after implementation is even more difficult. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Feature 23 Feb 2023
Inside the PEIR purple teaming model

Want to try purple team exercises but aren't sure how to do so? Try the 'Prepare, Execute, Identify and Remediate' purple teaming model. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Feature 23 Feb 2023
Understanding purple teaming benefits and challenges

Blue teams and red teams are coming together to form purple teams to improve their organization's security posture. What does this mean for the rivals? And how does it work? Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 08 Feb 2023
Windows Defender Exploit Guard

Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 06 Feb 2023
Vastaamo hacking suspect arrested in France

The suspect in the infamous cyber attack, Julius Kivimäki, is a 25-year-old Finnish man who was arrested after being remanded in absentia in October 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Feb 2023
Threat activity increasing around Fortinet VPN vulnerability

Following public disclosure of the critical VPN flaw in December, multiple reports show threat actors are exploiting it to target high-profile organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Feb 2023
HeadCrab malware targets Redis to mine cryptocurrency

Aqua Security said the HeadCrab botnet has taken control of at least 1,200 servers via internet-facing instances of the opensource DBMS Redis and is using them for cryptomining. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Feb 2023
Ransomware attacks on public sector persist in January

Many of the attacks disclosed or reported in January occurred against the public sector, including multiple school districts that were hit within days of one another. Continue Reading
By
- Arielle Waldman, News Writer
Tip 01 Feb 2023
What reverse shell attacks are and how to prevent them

Attackers use reverse shells to covertly attack an organization's environment. Discover what a reverse shell is and how to mitigate such attacks. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 31 Jan 2023
IP address (Internet Protocol address)

Internet Protocol (IP) address is a unique numerical identifier for every device or network that connects to the internet. Continue Reading
By
- Kinza Yasar, Technical Writer
News 25 Jan 2023
Contractor error led to Baltimore schools ransomware attack

A security contractor for Baltimore County Public Schools mistakenly opened a suspicious phishing email attachment in an unsecure environment, leading to the ransomware attack. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 19 Jan 2023
Heartbleed

Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 18 Jan 2023
Top 10 ICS cybersecurity threats and challenges

Industrial control systems are subject to both unique and common cybersecurity threats and challenges. Learn about the top ones here and how to mitigate them. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 10 Jan 2023
BitSight, Schneider Electric partner to quantify OT risk

The new partnership aims to provide organizations with increased visibility and risk detection capabilities for operational technology environments and critical infrastructure. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 09 Jan 2023
3 enterprise network security predictions for 2023

It's shaping up to be another banner year for network security. 2023 may see decryption-less threat detection, connected home-caused enterprise breaches and new SASE drivers. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 04 Jan 2023
December ransomware disclosures reveal high-profile victims

Cloud provider Rackspace was just one of several major enterprises to suffer a ransomware attack, according to public disclosures and reports in December. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Dec 2022
NCC Group: Ransomware attacks increased 41% in November

In addition to a month full of unexpected trends in both threat group activity and targeted sectors, NCC Group warned organizations to be aware of an increase in DDoS attacks. Continue Reading
By
- Arielle Waldman, News Writer
Feature 19 Dec 2022
11 cybersecurity predictions for 2023

Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By
- Kyle Johnson, Technology Editor
News 15 Dec 2022
Check Point classifies Azov as wiper, not ransomware

While Azov was initially considered ransomware, Check Point researchers warned the polymorphic malware is designed to inflict maximum damage to targeted systems. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Dec 2022
Cybereason warns of rapid increase in Royal ransomware

Enterprises need to be aware of the group's partial encryption technique because the less data it encrypts, the less chance the activity will be detected by a security product. Continue Reading
By
- Arielle Waldman, News Writer
Definition 13 Dec 2022
ISO 27001

ISO 27001, formally known as ISO/IEC 27001:2022, is an information security standard created by the International Organization for Standardization (ISO), which provides a framework and guidelines for establishing, implementing and managing an information security management system (ISMS). Continue Reading
By
- Katie Terrell Hanna
Feature 13 Dec 2022
12 types of wireless network attacks and how to prevent them

From packet sniffing and rogue access points to spoofing attacks and encryption cracking, learn about common wireless network attacks and how to prevent them. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
- Sharon Shea, Executive Editor
News 12 Dec 2022
Fortinet confirms VPN vulnerability exploited in the wild

In an advisory Monday, Fortinet urged customers to take steps to immediately mitigate the critical flaw, which was disclosed earlier by French infosec firm Olympe Cyberdefense. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Dec 2022
Cisco teases new capabilities with SD-WAN update

Cisco SD-WAN 17.10 enhancements give enterprises the option of using security service edge providers Cloudflare and Netskope in secure access service edge deployments. Continue Reading
By
- Mary Reines, News Writer
News 06 Dec 2022
MegaRAC flaws, IP leak impact multiple server brands

MegaRAC BMC software from American Megatrends, Inc. have a trio of serious security vulnerabilities that were discovered following an intellectual property leak. Continue Reading
By
- Shaun Nichols
Feature 06 Dec 2022
Wireless security: WEP, WPA, WPA2 and WPA3 differences

As wireless networks have evolved, so have the protocols for securing them. Get an overview of WLAN security standards, and learn the differences among WEP, WPA, WPA2 and WPA3. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Jessica Scarpati
News 05 Dec 2022
Education sector hit by Hive ransomware in November

The education sector remained a popular target last month, particularly from Hive, a ransomware-a-as-a-service group, that even warranted a government alert in late November. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Dec 2022
Rackspace 'security incident' causes Exchange Server outages

Rackspace has not said what caused the security incident, but the cloud provider said it proactively disconnected its Hosted Exchange offering as it investigates the matter. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Dec 2022
Experts argue 'sludge' could muck up cyber attacks

Network defenders can supplement their security postures with additional settings and policies that frustrate and discourage attackers, according to a new research paper. Continue Reading
By
- Shaun Nichols
Definition 02 Dec 2022
iterative DNS query

An iterative DNS query is a request for a website name or URL. Continue Reading
By
- Rahul Awati
Opinion 02 Dec 2022
7 steps to implementing a successful XDR strategy

There's still confusion around what extended detection and response is, but it will play a key role in enterprise security. To successfully implement XDR, follow these steps. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 30 Nov 2022
Exchange Server bugs caused years of security turmoil

The four high-profile sets of security vulnerabilities in Microsoft Exchange Server, disclosed by researcher Orange Tsai, are set to remain a major concern for organizations. Continue Reading
By
- Shaun Nichols
News 30 Nov 2022
Tenable: 72% of organizations remain vulnerable to Log4Shell

New research shows the attack surface remains wide for the Log4j vulnerability, known as Log4Shell, which caused significant problems for organizations over the past year. Continue Reading
By
- Arielle Waldman, News Writer
Feature 28 Nov 2022
WLAN security: Best practices for wireless network security

Follow these wireless network security best practices to ensure your company's WLAN remains protected against the top threats and vulnerabilities. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 23 Nov 2022
Cybereason warns of fast-moving Black Basta campaign

Threat actors with the Black Basta ransomware-as-a-service group are compromising networks in as little as one hour and stealing sensitive data before disabling DNS services. Continue Reading
By
- Arielle Waldman, News Writer
Tip 17 Nov 2022
Industrial control system security needs ICS threat intelligence

Threat actors and nation-states constantly try to find ways to attack all-important industrial control systems. Organizations need specialized ICS threat intelligence to fight back. Continue Reading
By
- Michael Cobb
News 17 Nov 2022
LockBit ransomware activity nose-dived in October

LockBit, the most prolific ransomware group in 2022, had itself a down month as GuidePoint Security researchers reported a 49% decrease in its infections for October. Continue Reading
By
- Shaun Nichols
News 16 Nov 2022
Rapid7 discloses more F5 BIG-IP vulnerabilities

While the severity of the issues is relatively low, F5 devices are commonly targeted by attackers to gain persistence inside a network. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Nov 2022
TrustCor under fire over certificate authority concerns

TrustCor Systems, a certificate authority registered in Panama, is in hot water after a Washington Post report raised questions about its apparent connections to a spyware vendor. Continue Reading
By
- Shaun Nichols
Tip 10 Nov 2022
Common lateral movement techniques and how to prevent them

Lateral movement techniques enable attackers to dig deeper into compromised environments. Discover what lateral movement attacks are and four attack techniques. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 09 Nov 2022
What is Wi-Fi Piggybacking?

Piggybacking, in the context of Wi-Fi, is the use of a wireless connection to gain access to the internet without proper authority. Continue Reading
By
- Katie Terrell Hanna
- Ivy Wigmore
Tip 08 Nov 2022
Types of vulnerability scanning and when to use each

Vulnerability scanning gives companies a key weapon when looking for security weaknesses. Discovery, assessment and threat prioritization are just a few of its benefits. Continue Reading
By
- Paul Kirvan
News 07 Nov 2022
Microsoft: Nation-state threats, zero-day attacks increasing

Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Nov 2022
Nozomi Networks CEO talks OT security and 'budget muscle'

Nozomi Networks CEO Edgard Capdevielle sat down with TechTarget Editorial to discuss the evolution of OT security and the challenge of 'budget muscle' many organizations face. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Nov 2022
Honeywell weighs in on OT cybersecurity challenges, evolution

TechTarget Editorial sat down with Honeywell's Paul Griswold and Jeff Zindel to discuss the rapid growth and evolution of the operational technology cybersecurity industry. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 03 Nov 2022
Ransomware on the rise, hitting schools and healthcare

October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Nov 2022
U.S. Treasury: Ransomware attacks increased in 2021

A new report from the U.S. Treasury's Financial Crimes Enforcement Network showed an increase in businesses reporting ransomware attacks in the second half of 2021. Continue Reading
By
- Shaun Nichols
News 01 Nov 2022
OpenSSL vulnerabilities get high-priority patches

The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library. Continue Reading
By
- Shaun Nichols
News 01 Nov 2022
Cisco Networking Academy offers rookie cybersecurity classes

Cisco's cybersecurity track equips students for entry-level positions, including cybersecurity technician, junior cybersecurity analyst, and tier 1 help desk support role. Continue Reading
By
- Mary Reines, News Writer
News 26 Oct 2022
Ukraine: Russian cyber attacks aimless and opportunistic

Victor Zhora, a key Ukrainian cybersecurity official, says Russia is acting with "no particular strategy" in its cyber attacks on his country as their military invasion drags on. Continue Reading
By
- Shaun Nichols
News 24 Oct 2022
CISA warns of ransomware attacks on healthcare providers

A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. Continue Reading
By
- Shaun Nichols
Tip 24 Oct 2022
6 ways to prevent privilege escalation attacks

Privileges dictate the access a user or device gets on a network. Hackers who access these privileges can create tremendous damage. But there are ways to keep your networks safe. Continue Reading
By
- Michael Cobb
News 20 Oct 2022
Brazil arrests alleged Lapsus$ hacker

Federal police in Brazil arrested a person accused of being a key member of the Lapsus$ hacking group on charges related to the takedown of government websites. Continue Reading
By
- Shaun Nichols
Definition 20 Oct 2022
What is the zero-trust security model?

The zero-trust security model is a cybersecurity approach that denies access to an enterprise's digital resources by default and grants authenticated users and devices tailored, siloed access to only the applications, data, services and systems they need to do their jobs. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Sharon Shea, Executive Editor
Feature 20 Oct 2022
VPN vs. zero trust vs. SDP: What's the difference?

For strong network security, many vendors say VPNs don't cut it anymore. Enter the zero-trust security model and SDPs. Continue Reading
By
- Michaela Goss, Senior Site Editor
Definition 20 Oct 2022
compensating control (alternative control)

A compensating control, also called an alternative control, is a mechanism that is put in place to satisfy the requirement for a security measure that is deemed too difficult or impractical to implement at the present time. Continue Reading
By
- Robert Sheldon
- Ivy Wigmore
Tip 19 Oct 2022
The future of VPNs in the enterprise

VPNs have been the workhorse of online connectivity. Enhancements to software and processing power in end devices will transform how companies use the technology going forward. Continue Reading
By
- Terry Slattery, NetCraftsmen
News 13 Oct 2022
Despite LockBit rebound, ransomware attacks down in 2022

LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint. Continue Reading
By
- Shaun Nichols
Feature 13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing

Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 12 Oct 2022
The history and evolution of zero-trust security

Before zero-trust security, enterprise insiders were trusted and outsiders weren't. Learn about the history of zero trust and the public and private sector efforts to adopt it. Continue Reading
By
- Mary K. Pratt
Tip 12 Oct 2022
An overview of the CISA Zero Trust Maturity Model

A zero-trust framework blocks all attempts to access internal infrastructure without authentication. The CISA Zero Trust Maturity Model is a roadmap to get there. Continue Reading
By
- Paul Kirvan
Feature 12 Oct 2022
7 steps for implementing zero trust, with real-life examples

More than a decade since the term's inception, zero-trust security is still much easier said than done. Here's how to get started. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Johna Till Johnson, Nemertes Research
News 11 Oct 2022
BlackByte ransomware uses new EDR evasion technique

Attackers deploying the BlackByte ransomware strain are using vulnerable drivers to target a part of the operating system that many security products rely on for protection. Continue Reading
By
- Arielle Waldman, News Writer
Tip 11 Oct 2022
What is zero-trust network access? ZTNA basics explained

Zero-trust network access is touted as the solution to replace the VPN. As the potential future of network security, learn more about ZTNA, including its benefits and challenges. Continue Reading
By
- John Burke, Nemertes Research
News 11 Oct 2022
Critical Fortinet vulnerability under active exploitation

Fortinet said the critical vulnerability affects three of its services -- FortiOS, FortiProxy and FortiSwitch Manager -- and urged customers to take immediate action. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 11 Oct 2022
How to choose the best ZTNA vendor for your organization

In a sea of options, finding the best ZTNA vendor for your organization can pose a major challenge. Weed through the marketing hype with advice from the experts. Continue Reading
By
- Alissa Irei, Senior Site Editor