Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

Tip 07 Mar 2025
Top 14 open source penetration testing tools

From Aircrack-ng to ZAP, these open source penetration testing tools are essential additions to any security pro's toolbox. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 04 Mar 2025
Types of DNS servers and how they work, plus security threats

DNS security is a critical component of system administration. Learn about five types of DNS servers, what each does and the security threats each server faces. Continue Reading
By
- Damon Garn, Cogspinner Coaction

Tip 18 Jan 2023
Top 10 ICS cybersecurity threats and challenges

Industrial control systems are subject to both unique and common cybersecurity threats and challenges. Learn about the top ones here and how to mitigate them. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 10 Jan 2023
BitSight, Schneider Electric partner to quantify OT risk

The new partnership aims to provide organizations with increased visibility and risk detection capabilities for operational technology environments and critical infrastructure. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 09 Jan 2023
3 enterprise network security predictions for 2023

It's shaping up to be another banner year for network security. 2023 may see decryption-less threat detection, connected home-caused enterprise breaches and new SASE drivers. Continue Reading
By
- John Grady, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 04 Jan 2023
December ransomware disclosures reveal high-profile victims

Cloud provider Rackspace was just one of several major enterprises to suffer a ransomware attack, according to public disclosures and reports in December. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Dec 2022
NCC Group: Ransomware attacks increased 41% in November

In addition to a month full of unexpected trends in both threat group activity and targeted sectors, NCC Group warned organizations to be aware of an increase in DDoS attacks. Continue Reading
By
- Arielle Waldman, News Writer
Feature 19 Dec 2022
11 cybersecurity predictions for 2023

Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By
- Kyle Johnson, Technology Editor
News 15 Dec 2022
Check Point classifies Azov as wiper, not ransomware

While Azov was initially considered ransomware, Check Point researchers warned the polymorphic malware is designed to inflict maximum damage to targeted systems. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Dec 2022
Cybereason warns of rapid increase in Royal ransomware

Enterprises need to be aware of the group's partial encryption technique because the less data it encrypts, the less chance the activity will be detected by a security product. Continue Reading
By
- Arielle Waldman, News Writer
Feature 13 Dec 2022
12 types of wireless network attacks and how to prevent them

From packet sniffing and rogue access points to spoofing attacks and encryption cracking, learn about common wireless network attacks and how to prevent them. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
- Sharon Shea, Executive Editor
News 12 Dec 2022
Fortinet confirms VPN vulnerability exploited in the wild

In an advisory Monday, Fortinet urged customers to take steps to immediately mitigate the critical flaw, which was disclosed earlier by French infosec firm Olympe Cyberdefense. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Dec 2022
Cisco teases new capabilities with SD-WAN update

Cisco SD-WAN 17.10 enhancements give enterprises the option of using security service edge providers Cloudflare and Netskope in secure access service edge deployments. Continue Reading
By
- Mary Reines, News Writer
News 06 Dec 2022
MegaRAC flaws, IP leak impact multiple server brands

MegaRAC BMC software from American Megatrends, Inc. have a trio of serious security vulnerabilities that were discovered following an intellectual property leak. Continue Reading
By
- Shaun Nichols
Feature 06 Dec 2022
Wireless security: WEP, WPA, WPA2 and WPA3 differences

As wireless networks have evolved, so have the protocols for securing them. Get an overview of WLAN security standards, and learn the differences among WEP, WPA, WPA2 and WPA3. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Jessica Scarpati
News 05 Dec 2022
Education sector hit by Hive ransomware in November

The education sector remained a popular target last month, particularly from Hive, a ransomware-a-as-a-service group, that even warranted a government alert in late November. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Dec 2022
Rackspace 'security incident' causes Exchange Server outages

Rackspace has not said what caused the security incident, but the cloud provider said it proactively disconnected its Hosted Exchange offering as it investigates the matter. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Dec 2022
Experts argue 'sludge' could muck up cyber attacks

Network defenders can supplement their security postures with additional settings and policies that frustrate and discourage attackers, according to a new research paper. Continue Reading
By
- Shaun Nichols
Definition 02 Dec 2022
iterative DNS query

An iterative DNS query is a request for a website name or URL. Continue Reading
By
- Rahul Awati
Opinion 02 Dec 2022
7 steps to implementing a successful XDR strategy

There's still confusion around what extended detection and response is, but it will play a key role in enterprise security. To successfully implement XDR, follow these steps. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 30 Nov 2022
Exchange Server bugs caused years of security turmoil

The four high-profile sets of security vulnerabilities in Microsoft Exchange Server, disclosed by researcher Orange Tsai, are set to remain a major concern for organizations. Continue Reading
By
- Shaun Nichols
News 30 Nov 2022
Tenable: 72% of organizations remain vulnerable to Log4Shell

New research shows the attack surface remains wide for the Log4j vulnerability, known as Log4Shell, which caused significant problems for organizations over the past year. Continue Reading
By
- Arielle Waldman, News Writer
Feature 28 Nov 2022
WLAN security: Best practices for wireless network security

Follow these wireless network security best practices to ensure your company's WLAN remains protected against the top threats and vulnerabilities. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 23 Nov 2022
Cybereason warns of fast-moving Black Basta campaign

Threat actors with the Black Basta ransomware-as-a-service group are compromising networks in as little as one hour and stealing sensitive data before disabling DNS services. Continue Reading
By
- Arielle Waldman, News Writer
Tip 17 Nov 2022
Industrial control system security needs ICS threat intelligence

Threat actors and nation-states constantly try to find ways to attack all-important industrial control systems. Organizations need specialized ICS threat intelligence to fight back. Continue Reading
By
- Michael Cobb
News 17 Nov 2022
LockBit ransomware activity nose-dived in October

LockBit, the most prolific ransomware group in 2022, had itself a down month as GuidePoint Security researchers reported a 49% decrease in its infections for October. Continue Reading
By
- Shaun Nichols
News 16 Nov 2022
Rapid7 discloses more F5 BIG-IP vulnerabilities

While the severity of the issues is relatively low, F5 devices are commonly targeted by attackers to gain persistence inside a network. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Nov 2022
TrustCor under fire over certificate authority concerns

TrustCor Systems, a certificate authority registered in Panama, is in hot water after a Washington Post report raised questions about its apparent connections to a spyware vendor. Continue Reading
By
- Shaun Nichols
Tip 10 Nov 2022
Common lateral movement techniques and how to prevent them

Lateral movement techniques enable attackers to dig deeper into compromised environments. Discover what lateral movement attacks are and four attack techniques. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 09 Nov 2022
What is Wi-Fi Piggybacking?

Piggybacking, in the context of Wi-Fi, is the use of a wireless connection to gain access to the internet without proper authority. Continue Reading
By
- Katie Terrell Hanna
- Ivy Wigmore
Tip 08 Nov 2022
Types of vulnerability scanning and when to use each

Vulnerability scanning gives companies a key weapon when looking for security weaknesses. Discovery, assessment and threat prioritization are just a few of its benefits. Continue Reading
By
- Paul Kirvan
News 07 Nov 2022
Microsoft: Nation-state threats, zero-day attacks increasing

Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Nov 2022
Nozomi Networks CEO talks OT security and 'budget muscle'

Nozomi Networks CEO Edgard Capdevielle sat down with TechTarget Editorial to discuss the evolution of OT security and the challenge of 'budget muscle' many organizations face. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Nov 2022
Honeywell weighs in on OT cybersecurity challenges, evolution

TechTarget Editorial sat down with Honeywell's Paul Griswold and Jeff Zindel to discuss the rapid growth and evolution of the operational technology cybersecurity industry. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 03 Nov 2022
Ransomware on the rise, hitting schools and healthcare

October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Nov 2022
U.S. Treasury: Ransomware attacks increased in 2021

A new report from the U.S. Treasury's Financial Crimes Enforcement Network showed an increase in businesses reporting ransomware attacks in the second half of 2021. Continue Reading
By
- Shaun Nichols
News 01 Nov 2022
OpenSSL vulnerabilities get high-priority patches

The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library. Continue Reading
By
- Shaun Nichols
News 01 Nov 2022
Cisco Networking Academy offers rookie cybersecurity classes

Cisco's cybersecurity track equips students for entry-level positions, including cybersecurity technician, junior cybersecurity analyst, and tier 1 help desk support role. Continue Reading
By
- Mary Reines, News Writer
News 26 Oct 2022
Ukraine: Russian cyber attacks aimless and opportunistic

Victor Zhora, a key Ukrainian cybersecurity official, says Russia is acting with "no particular strategy" in its cyber attacks on his country as their military invasion drags on. Continue Reading
By
- Shaun Nichols
News 24 Oct 2022
CISA warns of ransomware attacks on healthcare providers

A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. Continue Reading
By
- Shaun Nichols
Tip 24 Oct 2022
6 ways to prevent privilege escalation attacks

Privileges dictate the access a user or device gets on a network. Hackers who access these privileges can create tremendous damage. But there are ways to keep your networks safe. Continue Reading
By
- Michael Cobb
News 20 Oct 2022
Brazil arrests alleged Lapsus$ hacker

Federal police in Brazil arrested a person accused of being a key member of the Lapsus$ hacking group on charges related to the takedown of government websites. Continue Reading
By
- Shaun Nichols
Definition 20 Oct 2022
What is the zero-trust security model?

The zero-trust security model is a cybersecurity approach that denies access to an enterprise's digital resources by default and grants authenticated users and devices tailored, siloed access to only the applications, data, services and systems they need to do their jobs. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Sharon Shea, Executive Editor
Feature 20 Oct 2022
VPN vs. zero trust vs. SDP: What's the difference?

For strong network security, many vendors say VPNs don't cut it anymore. Enter the zero-trust security model and SDPs. Continue Reading
By
- Michaela Goss, Senior Site Editor
Definition 20 Oct 2022
compensating control (alternative control)

A compensating control, also called an alternative control, is a mechanism that is put in place to satisfy the requirement for a security measure that is deemed too difficult or impractical to implement at the present time. Continue Reading
By
- Robert Sheldon
- Ivy Wigmore
Tip 19 Oct 2022
The future of VPNs in the enterprise

VPNs have been the workhorse of online connectivity. Enhancements to software and processing power in end devices will transform how companies use the technology going forward. Continue Reading
By
- Terry Slattery, NetCraftsmen
News 13 Oct 2022
Despite LockBit rebound, ransomware attacks down in 2022

LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint. Continue Reading
By
- Shaun Nichols
Feature 13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing

Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 12 Oct 2022
The history and evolution of zero-trust security

Before zero-trust security, enterprise insiders were trusted and outsiders weren't. Learn about the history of zero trust and the public and private sector efforts to adopt it. Continue Reading
By
- Mary K. Pratt
Tip 12 Oct 2022
An overview of the CISA Zero Trust Maturity Model

A zero-trust framework blocks all attempts to access internal infrastructure without authentication. The CISA Zero Trust Maturity Model is a roadmap to get there. Continue Reading
By
- Paul Kirvan
Feature 12 Oct 2022
7 steps for implementing zero trust, with real-life examples

More than a decade since the term's inception, zero-trust security is still much easier said than done. Here's how to get started. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Johna Till Johnson, Nemertes Research
News 11 Oct 2022
BlackByte ransomware uses new EDR evasion technique

Attackers deploying the BlackByte ransomware strain are using vulnerable drivers to target a part of the operating system that many security products rely on for protection. Continue Reading
By
- Arielle Waldman, News Writer
Tip 11 Oct 2022
What is zero-trust network access? ZTNA basics explained

Zero-trust network access is touted as the solution to replace the VPN. As the potential future of network security, learn more about ZTNA, including its benefits and challenges. Continue Reading
By
- John Burke, Nemertes Research
News 11 Oct 2022
Critical Fortinet vulnerability under active exploitation

Fortinet said the critical vulnerability affects three of its services -- FortiOS, FortiProxy and FortiSwitch Manager -- and urged customers to take immediate action. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 11 Oct 2022
How to choose the best ZTNA vendor for your organization

In a sea of options, finding the best ZTNA vendor for your organization can pose a major challenge. Weed through the marketing hype with advice from the experts. Continue Reading
By
- Alissa Irei, Senior Site Editor
Tip 11 Oct 2022
Top 6 challenges of a zero-trust security model

Zero trust has a number of challenges, but because the model is highly beneficial, it's important for organizations to learn how to overcome them. Continue Reading
By
- Sharon Shea, Dennis Turpitka
News 11 Oct 2022
Google launches new supply chain security offerings

Securing the software supply chain, especially open source libraries, was a major theme behind the new products released at the Google Cloud Next '22 conference. Continue Reading
By
- Arielle Waldman, News Writer
Tip 11 Oct 2022
How to conduct a cybersecurity audit based on zero trust

This checklist offers guidance on how to prepare for a zero-trust cybersecurity audit and helps document how well cybersecurity controls are performing based on CISA's ZTMM. Continue Reading
By
- Paul Kirvan
Tip 07 Oct 2022
Perimeter security vs. zero trust: It's time to make the move

Perimeter security requires a border to protect enterprise data. With more and more users working outside that border, zero trust promises a better security option for the future. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 05 Oct 2022
APTs compromised defense contractor with Impacket tools

A CISA alert warned that APT actors compromised a defense contractor's Microsoft Exchange server and used Impacket, an open source Python toolkit, to move laterally in the network. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Oct 2022
network security

Network security encompasses all the steps taken to protect the integrity of a computer network and the data within it. Continue Reading
By
- Nick Barney, Technology Writer
- Ben Lutkevich, Site Editor
Tip 04 Oct 2022
How to build a zero-trust network in 4 steps

While network teams are responsible for deploying the elements of a zero-trust network, security teams should also be involved in developing the overall zero-trust framework. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 04 Oct 2022
Secureworks finds network intruders see little resistance

A report from Secureworks found that in many network intrusions, the attackers only need to employ basic, unsophisticated measures to evade detection. Continue Reading
By
- Shaun Nichols
Tip 04 Oct 2022
Top zero-trust use cases in the enterprise

Still hesitating to adopt zero trust? Learn about the main zero-trust use cases, as well as its benefits, myths and trends that are beginning to emerge. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 03 Oct 2022
Intermittent encryption attacks: Who's at risk?

Threat analysts have observed some ransomware gangs using a new technique that only partially encrypts victims' files, which could evade some ransomware defenses. Continue Reading
By
- Shaun Nichols
News 30 Sep 2022
Microsoft Exchange Server targeted with zero-day vulnerabilities

Microsoft warned that two unpatched zero-day vulnerabilities are being exploited against Exchange Server, a problem that's causing déjà vu for some researchers. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Sep 2022
Cobalt Strike malware campaign targets job seekers

Cisco Talos researchers spotted a new wave of phishing attacks that target job seekers in the U.S. and New Zealand, infecting them with Cobalt Strike beacons. Continue Reading
By
- Shaun Nichols
News 29 Sep 2022
Unit 42 finds polyglot files delivering IcedID malware

Palo Alto Networks' Unit 42 says attackers are using decoy Microsoft Compiled HTML Help files containing multiple file formats to infect systems with information-stealing malware. Continue Reading
By
- Arielle Waldman, News Writer
Tip 29 Sep 2022
The 5 principles of zero-trust security

Zero trust is a journey, not a destination. Ensure your corporate network is safe from internal and external threats by implementing these five principles of zero-trust security. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 28 Sep 2022
NCC Group: IceFire ransomware gang ramping up attacks

While the ransomware group was first observed in March, IceFire emerged on NCC Group's radar last month when attacks against English-speaking organizations soared. Continue Reading
By
- Arielle Waldman, News Writer
Tip 28 Sep 2022
Why zero trust requires microsegmentation

Microsegmentation is a key security technique that enables organizations to achieve a zero-trust model and helps ensure the security of workloads regardless of where they are located. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Sharon Shea, Executive Editor
Answer 28 Sep 2022
Compare zero trust vs. the principle of least privilege

Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 28 Sep 2022
microsegmentation

Microsegmentation is a security technique that splits a network into definable zones and uses policies to dictate how data and applications within those zones can be accessed and controlled. Continue Reading
By
- Chuck Moozakis, Editor at Large
- Laura Fitzgibbons
News 26 Sep 2022
Critical Sophos Firewall bug under active exploitation

Sophos said the exploitation of the critical firewall vulnerability has, at this time, affected "an extremely small subset of organizations" predominantly located in South Asia. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 23 Sep 2022
Google dork query

A Google dork query, sometimes just referred to as a dork, is a search string or custom query that uses advanced search operators to find information not readily available on a website. Continue Reading
By
- Rahul Awati
- Ivy Wigmore
Opinion 21 Sep 2022
Planning the journey from SD-WAN to SASE

Enterprises need integrated security and networking frameworks to manage distributed IT environments and are looking to SD-WAN and security options like SASE to get the job done. Continue Reading
By
- Bob Laliberte, Former Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 21 Sep 2022
Cobalt Strike gets emergency patch

The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite. Continue Reading
By
- Shaun Nichols
News 19 Sep 2022
Uber says Lapsus$ hackers behind network breach

Uber said a hacker from the Lapsus$ group used stolen credentials from a contractor to gain access to several important silos within its internal network. Continue Reading
By
- Shaun Nichols
Definition 19 Sep 2022
cryptojacking

Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency. Continue Reading
By
- Nick Barney, Technology Writer
News 15 Sep 2022
Webworm retools old RATs for new cyberespionage threat

Symantec's Threat Hunter Team uncovered a new cyberespionage campaign run by a threat group named Webworm, which uses customized versions of old remote access Trojans. Continue Reading
By
- Shaun Nichols
News 14 Sep 2022
U.S. drops the hammer on Iranian ransomware outfit

The departments of Justice and the Treasury announced criminal charges and sanctions against a group of Iranian nationals accused of running an international ransomware operation. Continue Reading
By
- Shaun Nichols
News 08 Sep 2022
LockBit gang leads the way for ransomware

New research from Malwarebytes shows LockBit is far and away the most prolific ransomware gang, with hundreds of confirmed attacks across the globe in recent months. Continue Reading
By
- Shaun Nichols
Tutorial 01 Sep 2022
How to create and add an SPF record for email authentication

Learn how to create Sender Policy Framework records to list authenticated mail servers for an email domain to fight spam, phishing, email forgery and other malicious email. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Opinion 01 Sep 2022
How to start developing a plan for SASE implementation

From prioritizing business problems to identifying future initiatives to assessing critical tool gaps, learn how to create a realistic SASE implementation roadmap. Continue Reading
By
- John Grady, Principal Analyst
Tip 01 Sep 2022
Cybersecurity budget breakdown and best practices

Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 30 Aug 2022
VMware aims to improve security visibility with new services

Unveiled at VMware Explore, the company's new security services include Project Trinidad, Project Watch and Project Northstar. All three offer customer visibility enhancements. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Aug 2022
Ransomware defies seasonal trends with increase

The return and rebranding of major crews saw the volume of ransomware attacks in July jump 47%, defying seasonal trends, according to researchers at NCC Group. Continue Reading
By
- Shaun Nichols
Tip 23 Aug 2022
7 guidelines to secure network storage

These practices, including firmware and VPN guidance, protect NAS devices. Use these steps as standalone procedures or incorporate them into your overall security process. Continue Reading
By
- Julia Borgini, Spacebarpress Media
Tip 19 Aug 2022
8 secure file transfer services for the enterprise

With a plethora of options, finding the best secure file transfer service for your business can pose a challenge. Learn how to make an informed decision. Continue Reading
By
- Paul Kirvan
- Karen Scarfone, Scarfone Cybersecurity
Tip 19 Aug 2022
How does SD-access work?

SD-access is a combination of two elements: SDN and the access edge. The result is a network with a centralized management system and improved security policies. Continue Reading
By
- John Burke, Nemertes Research
News 18 Aug 2022
Russian cyber attacks on Ukraine driven by government groups

Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies. Continue Reading
By
- Shaun Nichols
News 16 Aug 2022
Mailchimp suffers second breach in 4 months

While the source of the breach has not been confirmed, an attacker got into Mailchimp and gained access to the customer account of cloud hosting provider DigitalOcean. Continue Reading
By
- Arielle Waldman, News Writer
News 16 Aug 2022
For cyber insurance, some technology leads to higher premiums

Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Aug 2022
Rapid7: Cisco ASA and ASDM flaws went unpatched for months

While several of the vulnerabilities were reported to Cisco in February, they remained unpatched until Thursday when Rapid7's Jake Baines discussed the flaws at Black Hat USA 2022. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Aug 2022
Cisco hacked by access broker with Lapsus$ ties

No Cisco employee or customer personal information was stolen in the hack, though some data did make it onto the dark web. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 11 Aug 2022
SentinelOne discusses the rise of data-wiping malware

During a Black Hat 2022 session, researchers showed how expectations of cyber war may differ from the reality. Continue Reading
By
- Arielle Waldman, News Writer
Feature 11 Aug 2022
What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
News 10 Aug 2022
Industroyer2: How Ukraine avoided another blackout attack

A Black Hat 2022 session explained how the latest attack on Ukraine's energy grid was thwarted this spring, thanks to quick responses and timely sharing of threat data. Continue Reading
By
- Rob Wright, Senior News Director
Tip 08 Aug 2022
10 top open source security testing tools

From Kali Linux to Mimikatz to Metasploit, learn about 10 open source penetration testing tools organizations can use to determine how secure their network is. Continue Reading
By
- Ed Moyle, SecurityCurve
Tip 01 Aug 2022
Top 10 UEBA enterprise use cases

The top user and entity behavior analytics use cases fall in cybersecurity, network and data center operations, management and business operations. Check out the risks. Continue Reading
By
- John Burke, Nemertes Research
Tip 29 Jul 2022
SSH key management best practices and implementation tips

SSH connects key systems and the people and processes necessary to keep them functioning. Learn how to use SSH key management best practices to protect your systems and network. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Tip 27 Jul 2022
SSH2 vs. SSH1 and why SSH versions still matter

The Secure Shell protocol, SSH, was redesigned and released as SSH2 in 2006. While SSH1 lingers for legacy uses, find out how the protocols differ and why it's important. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
- Mike Chapple, University of Notre Dame