Network security

Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.

Top Stories

Tip 20 Nov 2024
4 types of access control

Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
News 19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack

CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
By
- Arielle Waldman, News Writer

News 13 Apr 2022
Microsoft dismantles ZLoader botnet

Microsoft and ESET security teams explained how they were able to identify and dismantle the command and control infrastructure of the notorious ZLoader malware network. Continue Reading
By
- Shaun Nichols
News 13 Apr 2022
Sophos: LockBit affiliates hacked regional government agency

Sophos said attackers spent at least five months inside an unnamed regional government agency's network, remotely Googling for hacking tools before deploying LockBit ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 12 Apr 2022
Ukraine energy grid hit by Russian Industroyer2 malware

The 2016 malware known as 'Industroyer' has resurfaced in a new series of targeted attacks against industrial controller hardware at a Ukraine power company. Continue Reading
By
- Shaun Nichols
News 12 Apr 2022
Synopsys: Enterprises struggling with open source software

To curb open source risk, Synopsys advises enterprises to keep a comprehensive inventory of all software within its environment and to understand that securing open source requires strong management. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Apr 2022
Law enforcement takedowns continue with RaidForums seizure

The hacker forum, which used to sell and purchase sensitive information including login credentials, has been dismantled, and its alleged founder was arrested and indicted. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Apr 2022
Fortinet, Cato Networks add security for distributed SD-WANs

Fortinet updated FortiOS with an inline sandbox and a cloud access security broker. Cato has added new network access controls to its SASE service. Continue Reading
By
- Madelaine Millar, TechTarget
News 07 Apr 2022
How the FBI took down the Cyclops Blink botnet

The FBI's operation copied and removed Cyclops Blink's malware from victims' systems that were used as command and control devices, severing Sandworm's control of the botnet. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 07 Apr 2022
Open System Authentication (OSA)

Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Continue Reading
By
- Paul Kirvan
News 06 Apr 2022
US sanctions Garantex for laundering over $100M

The latest action follows a string of sanctions imposed during the past year against cryptocurrency exchanges operating out of Russia. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Apr 2022
Conti ransomware leaks show a low-tech but effective model

The Conti ransomware gang runs largely on elbow grease, according to Akamai security researchers who analyzed the group's training materials and operating policies. Continue Reading
By
- Shaun Nichols
Definition 06 Apr 2022
AAA server (authentication, authorization and accounting)

An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization and accounting (AAA) services. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 04 Apr 2022
Luhn algorithm (modulus 10)

The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Tip 01 Apr 2022
The pros and cons of Netskope SASE

Netskope is undoubtedly a leader in the CASB market, but its limited security capabilities and lack of SD-WAN make Netskope an incomplete SASE offering. Continue Reading
By
- Steve Garson, SD-WAN Experts
News 31 Mar 2022
New 'AcidRain' malware may be connected to Viasat attack

SentinelOne did not directly attribute the malware to the Viasat attack. That said, researchers argued the "AcidRain" malware's functionality matches open source intelligence. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Mar 2022
Viasat confirms cyber attack on Ukraine customers

The U.S.-based satellite internet provider said a 'multifaceted and deliberate cyber attack' struck Viasat's KA-SAT network on the first day of Russia's invasion of Ukraine. Continue Reading
By
- Arielle Waldman, News Writer
Tip 29 Mar 2022
How to put cybersecurity sustainability into practice

Cybersecurity sustainability practices involve mitigating cyber-risk without burning out people -- or burning through resources. Explore what that looks like on the ground. Continue Reading
By
- Diana Kelley, SecurityCurve
- Deepayan Chanda, Cubic Consulting
News 25 Mar 2022
US indicts Russian nationals for critical infrastructure attacks

One defendant is accused of deploying the infamous Trisis or Triton malware against energy-sector companies, including a petrochemical plant in Saudi Arabia in a 2017 attack. Continue Reading
By
- Arielle Waldman, News Writer
Feature 24 Mar 2022
SecOps and cybersecurity basics for NetOps teams

To bridge the gap between NetOps and SecOps teams, network pros should know security fundamentals, including different types of attackers, attacks and available security services. Continue Reading
By
- Michaela Goss, Senior Site Editor
News 22 Mar 2022
F-Secure splits in two as WithSecure launches

The Finnish security vendor's enterprise business sets off on its own as a new brand called WithSecure, while F-Secure will continue to operate the consumer side of the business. Continue Reading
By
- Shaun Nichols
News 22 Mar 2022
STG launches Skyhigh Security from McAfee cloud assets

The new company combines the McAfee Enterprise Security Service Edge portfolio with a name reminiscent of a previous McAfee acquisition: Skyhigh Networks. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Mar 2022
Sandworm APT ramps up Cyclops Blink botnet with Asus routers

Trend Micro discovered that the Cyclops Blink botnet, which had originally targeted WatchGuard devices, is now spreading to Asus and 'at least one other vendor.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Mar 2022
LokiLocker ransomware crew bursts onto the scene

The mysterious LokiLocker ransomware group caught the attention of BlackBerry researchers, who say the outfit could become the next cybercrime group to menace enterprises. Continue Reading
By
- Shaun Nichols
Tip 16 Mar 2022
3 benefits of sustainable cybersecurity in the enterprise

Sustainable cybersecurity means taking the long view on cyber-risk mitigation. Explore the technical, financial, societal and reputational wins it can net for the enterprise. Continue Reading
By
- Diana Kelley, SecurityCurve
- Deepayan Chanda, Cubic Consulting
Tip 15 Mar 2022
How to secure NetOps initiatives using Agile methodology

As more NetOps teams implement Agile methods, network and security testing must be part of a holistic approach that involves developers, networking and security teams working together. Continue Reading
By
- John Cavanaugh, BlueAlly
Definition 11 Mar 2022
screened subnet

A screened subnet, or triple-homed firewall, refers to a network architecture where a single firewall is used with three network interfaces. Continue Reading
By
- Rahul Awati
News 10 Mar 2022
Log4Shell vulnerability continues to menace developers

Months after it was first disclosed, the Log4j RCE vulnerability remains widespread on code-sharing sites and open source repositories, according to security researchers. Continue Reading
By
- Shaun Nichols
Answer 10 Mar 2022
Use microsegmentation to mitigate lateral attacks

Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 09 Mar 2022
Researchers disclose new Spectre V2 vulnerabilities

The Spectre class of data disclosure vulnerabilities is once again at the security forefront after researchers discovered a new variant of the side-channel attack. Continue Reading
By
- Shaun Nichols
News 08 Mar 2022
Researchers uncover vulnerabilities in APC Smart-UPS devices

Researchers with Armis found a trio of vulnerabilities in uninterruptible power supply (UPS) devices from APC that could be remotely exploited by threat actors. Continue Reading
By
- Shaun Nichols
News 01 Mar 2022
Nvidia confirms breach, proprietary data leaked online

Nvidia has confirmed some of the claims from a little-known ransomware gang that allegedly broke into the network of the GPU giant and stole corporate data. Continue Reading
By
- Shaun Nichols
News 25 Feb 2022
Arista embeds security software in campus switches

Arista Networks will embed network detection and response software in campus switches to provide AI-driven threat detection across the network. Continue Reading
By
- Madelaine Millar, TechTarget
News 25 Feb 2022
Researchers find access brokers focused on US targets

Security vendors studied 'access broker' advertisements on the dark web, which provide ransomware groups with the network and system access required for data thefts. Continue Reading
By
- Shaun Nichols
Tip 25 Feb 2022
A review of Zscaler SASE architecture

Zscaler has a strong cloud-native architecture for secure internet access. But it doesn't deliver SD-WAN or converge internet access and WAN security, leaving it with only part of a SASE platform. Continue Reading
By
- Steve Garson, SD-WAN Experts
Tip 23 Feb 2022
How to use PKI to secure remote network access

Public key infrastructure is a more secure option than password-based or multifactor authentication. Learn how those benefits can extend to remote employees and access. Continue Reading
By
- Michael Cobb
News 23 Feb 2022
IBM: REvil dominated ransomware activity in 2021

IBM X-Force's Threat Intelligence Index report also found a 'triple extortion' ransomware tactic in 2021, where threat actors use DDoS attacks to put extra pressure on victims. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Feb 2022
SonicWall: Ransomware attacks increased 105% in 2021

While 2021 represented a turning point for law enforcement and government action against ransomware, SonicWall still observed massive growth in attacks. Continue Reading
By
- Shaun Nichols
News 15 Feb 2022
Juniper acquires zero-trust security startup WiteSand

Juniper has acquired zero-trust security company WiteSand. The startup's cloud-native technology could find a home in Juniper's Mist and SASE platforms. Continue Reading
By
- Madelaine Millar, TechTarget
News 15 Feb 2022
CrowdStrike: Attackers are moving faster, harder to detect

The CrowdStrike '2022 Global Threat Report' said attackers are getting better at exploiting vulnerabilities and moving through compromised networks before defenders can spot them. Continue Reading
By
- Shaun Nichols
News 09 Feb 2022
Palo Alto announces ML-enabled software update and firewalls

Palo Alto's updated PAN-OS software uses machine learning to analyze network traffic in real time, and two firewall appliances provide the processing power to support it. Continue Reading
By
- Madelaine Millar, TechTarget
Guest Post 09 Feb 2022
How automated certificate management helps retain IT talent

Organizations shouldn't waste their IT pros' time on unnecessary tasks -- especially during a skills shortage. Learn about the benefits of automated digital certificate management. Continue Reading
By
- Tim Callan
News 01 Feb 2022
Iranian hacking groups pick up the pace with new attacks

Two security vendors are reporting a fresh wave of targeted attacks and malware outbreaks believed to be the work of Iranian state-sponsored threat groups. Continue Reading
By
- Shaun Nichols
Feature 31 Jan 2022
Edge, public cloud, security drive network transformation

Networking is starting to reflect innovations in compute and public cloud. A notable change will be how network teams view networking and security as a holistic platform. Continue Reading
By
- Jennifer English, Executive Editor
Feature 31 Jan 2022
Include defensive security in your cybersecurity strategy

Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 27 Jan 2022
Log4j explained: Everything you need to know

Log4j, which is embedded in popular services and frameworks, became a headache for many businesses by the end of 2021. Businesses affected include Apple, Microsoft and VMware. Continue Reading
By
- Sean Michael Kerner
Definition 27 Jan 2022
one-time pad

In cryptography, a one-time pad is a system in which a randomly generated private key is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 26 Jan 2022
Integrating zero-trust practices into private 5G networks

One of the first steps in deploying a technology is protecting it from potential security threats. Learn how to secure a private 5G network with zero-trust security practices. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 20 Jan 2022
Introduction to automated penetration testing

Automated penetration testing, which speeds up the process for companies and vendors, is maturing. Is it ready to close the time gap between vulnerability discovery and mitigation? Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 20 Jan 2022
Cisco: Patching bugs is about more than CVSS numbers

Cisco's Kenna Security advised enterprises to consider more than just CVSS scores and update advisories when deciding when and how to address security vulnerabilities. Continue Reading
By
- Shaun Nichols
News 19 Jan 2022
FireEye, McAfee Enterprise relaunch as XDR-focused Trellix

Though the new company is a combination of two high-profile security vendors, private equity firm STG relaunched the merger under an entirely different name. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 Jan 2022
How to implement network segmentation for better security

For a network segmentation strategy to be effective and improve security, network teams need to create detailed security policies, identify each resource and use allowlists. Continue Reading
By
- Terry Slattery, NetCraftsmen
News 13 Jan 2022
Ukrainian police bust unnamed ransomware gang

A law enforcement raid in Ukraine resulted in the arrest of five suspects accused of deploying ransomware through phishing emails and making more than $1 million. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Jan 2022
SonicWall SMA 100 appliances beset by multiple vulnerabilities

SonicWall's security appliances can be compromised by several attacks on five vulnerabilities, including one remote code execution bug, according to Rapid7. Continue Reading
By
- Shaun Nichols
News 11 Jan 2022
NetUSB flaw could impact millions of routers

SentinelOne researcher Max Van Amerongen said the only way to fix the high-severity vulnerability is to update the router firmware, which can be a difficult process. Continue Reading
By
- Arielle Waldman, News Writer
Feature 04 Jan 2022
Is quantum computing ready to disrupt cybersecurity?

Quantum computing isn't here yet, but now is the time for companies to start considering how it may affect their business -- both negatively and positively -- in the next decade. Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 04 Jan 2022
access log

An access log is a list of all requests for individual files -- such as Hypertext Markup Language files, their embedded graphic images and other associated files that get transmitted -- that people or bots have made from a website. Continue Reading
By
- Andrew Zola
News 30 Dec 2021
Threat actors target HPE iLO hardware with rootkit attack

Integrated Lights Out, HPE's remote server management platform, has been compromised by intruders who are using it to install a hard-to-detect rootkit in the wild. Continue Reading
By
- Shaun Nichols
Tip 30 Dec 2021
Explore 9 essential elements of network security

Network security isn't a one-size-fits-all strategy. Dive into the various segments of network security, and learn how they overlap and interact with each other. Continue Reading
By
- Lee Doyle, Doyle Research
- Charles Kolodgy, Security Mindsets
Definition 28 Dec 2021
Encrypting File System (EFS)

Encrypting File System (EFS) provides an added layer of protection by encrypting files or folders on various versions of the Microsoft Windows OS. Continue Reading
By
- Rahul Awati
News 15 Dec 2021
Nation-state threat groups are exploiting Log4Shell

Multiple nation-state actors are taking advantage of the critical log4j 2 vulnerability, making mitigation even more urgent for some enterprises and government agencies. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 15 Dec 2021
The importance of automated certificate management

Managing the plethora of digital certificates can no longer be done in a spreadsheet by hand. Discover the importance of automated certificate management here. Continue Reading
By
- Tim Callan
News 15 Dec 2021
'Insane' spread of Log4j exploits won't abate anytime soon

Experts say that the explosion in exploits for CVE-2021-44228 is only the early phase of what will be a long and tedious road to remediation for the critical vulnerability. Continue Reading
By
- Shaun Nichols
News 14 Dec 2021
Hive ransomware claims hundreds of victims in 6-month span

Group-IB research has revealed that Hive ransomware-as-a-service operations are back and busier than ever, with a rapidly growing victim list over a short amount of time. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 Dec 2021
4 API authentication methods to better protect data in transit

The API attack surface isn't always well protected. Learn about the authentication methods your company can use to secure its APIs. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 09 Dec 2021
Threat actors targeting MikroTik routers, devices

Eclypsium researchers found vulnerable MikroTik devices have become a popular target for threat actors, who are exploiting known flaws that remain unpatched. Continue Reading
By
- Arielle Waldman, News Writer
Tip 06 Dec 2021
How to get started with attack surface reduction

Attack surface reduction and management are vital to any security team's toolbox. Learn what ASR is and how it complements existing vulnerability management products. Continue Reading
By
- Diana Kelley, SecurityCurve
News 03 Dec 2021
Hundreds of new vulnerabilities found in SOHO routers

Researchers credited vendors for their swift response to reports of widespread security vulnerabilities but warned users to make sure firmware is updated to avoid attacks. Continue Reading
By
- Shaun Nichols
News 02 Dec 2021
Former Ubiquiti engineer arrested for inside threat attack

Nickolas Sharp is accused of attacking his former employer, stealing confidential data and attempting to extort the company into paying him approximately $2 million. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Dec 2021
New Yanluowang ransomware mounting targeted attacks in US

Symantec threat analysts observed the new ransomware operation abusing legitimate tools such as ConnectWise's remote access product to move laterally inside networks. Continue Reading
By
- Arielle Waldman, News Writer
Feature 24 Nov 2021
Ultimate guide to secure remote access

This comprehensive secure remote access guide outlines the strategies, tools and best practices to provide anywhere access while protecting data, systems and users. Continue Reading
By
- Sandra Gittlen
Feature 23 Nov 2021
SecOps' need for traffic data drives NetSecOps collaboration

Security teams want to analyze network traffic data to identify anomalies and threats. As a result, network and security teams need to find ways to work together. Continue Reading
By
- Shamus McGillicuddy, Enterprise Management Associates
News 19 Nov 2021
Cybercriminals discuss new business model for zero-day exploits

Digital Shadows observed increased chatter on dark web forums about the possible emergence of a new business model that would rent out zero-day exploits as a service. Continue Reading
By
- Arielle Waldman, News Writer
News 18 Nov 2021
CISA, Microsoft warn of rise in cyber attacks from Iran

CISA and Microsoft this week issued alerts about increased threat activity Iranian nation-state hacking groups, including ransomware attacks on enterprises. Continue Reading
By
- Shaun Nichols
News 18 Nov 2021
New side channel attack resurrects DNS poisoning threat

A new side channel attack would potentially allow attackers to poison DNS servers and reroute traffic to malicious sites. Continue Reading
By
- Shaun Nichols
Definition 16 Nov 2021
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

A CAPTCHA is a type of challenge-response system designed to differentiate humans from robotic computer programs. Continue Reading
By
- Katie Terrell Hanna
- Linda Rosencrance
News 15 Nov 2021
FBI email system compromised to issue fake alerts

An unknown threat actor sent emails warning of a supply chain attack through an FBI portal used by law enforcement agencies to communicate with one another. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 15 Nov 2021
Reduce the risk of cyber attacks with frameworks, assessments

Don't rely on a compliance mandate to reduce the risk of cyber attacks or on a cyber insurer to cover an attack's aftermath. Assessments and frameworks are key to staying safe. Continue Reading
By
- Kayne McGladrey
Tip 15 Nov 2021
How zero-trust SDP can work with a VPN for remote work

Implementing software-defined perimeter and zero-trust security models with a corporate VPN adds significant layers of user and device verification and authentication. Continue Reading
By
- Paul Kirvan
News 11 Nov 2021
AT&T launches a managed SASE offering with Cisco

AT&T aims its latest managed SASE service at enterprises using Cisco hardware. The offering's features range from firewall and secure web gateway functionality to DNS layer security. Continue Reading
By
- Madelaine Millar, TechTarget
News 11 Nov 2021
Aruba Central breach exposed customer data

HPE-owned Aruba Networks said one of its cloud databases was accessed by hackers who were able to make off with location and telemetry data for its customers' Wi-Fi gear. Continue Reading
By
- Shaun Nichols
News 11 Nov 2021
Trend Micro reveals 'Void Balaur' cybermercenary group

New Trend Micro research revealed a cybermercenary group that has been actively targeting high-profile organizations and individuals across the globe since 2015. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Nov 2021
Citrix DDOS bug leaves networks vulnerable

Citrix patched a critical bug in its Application Delivery Controller and Gateway software that left networks open to DDOS attacks. It also fixed a less-severe SD-WAN WANOP bug. Continue Reading
By
- Madelaine Millar, TechTarget
Guest Post 10 Nov 2021
4 concepts that help balance business and security goals

The goal of enterprise security is to maintain connectivity, while remaining protected. Use these four concepts to balance business and security goals. Continue Reading
By
- Mark Pierpoint
News 04 Nov 2021
DDoS botnet exploiting known GitLab vulnerability

A botnet is using a critical GitLab vulnerability, which was disclosed and patched in April, to launch powerful DDoS attacks that have surpassed 1 Tbps. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Oct 2021
Researcher cracks 70% of neighborhood Wi-Fi passwords

A CyberArk researcher showed that $50 worth of hardware and some attack scripts are all you need to break into home and small business Wi-Fi networks. Continue Reading
By
- Shaun Nichols
News 20 Oct 2021
'LightBasin' hackers spent 5 years hiding on telco networks

A state-sponsored hacking group has been moving undetected on the networks of more than a dozen telecommunications providers, observing traffic and collecting data for years. Continue Reading
By
- Shaun Nichols
News 12 Oct 2021
Cybereason and Google Cloud join forces for new XDR service

Cybereason and Google Cloud have teamed up to combat future security threats with accelerated XDR capabilities. Continue Reading
By
- Arielle Waldman, News Writer
Definition 07 Oct 2021
What is an SSL VPN (Secure Sockets Layer virtual private network)?

An SSL VPN is a type of virtual private network (VPN) that uses the Secure Sockets Layer (SSL) protocol -- or, more often, its successor, the Transport Layer Security (TLS) protocol -- in standard web browsers to provide secure, remote access VPN capability. Continue Reading
By
- Linda Rosencrance
Definition 07 Oct 2021
What is a next-generation firewall (NGFW)?

A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software. Continue Reading
By
- Casey Clark, TechTarget
- Sharon Shea, Executive Editor
News 30 Sep 2021
Researchers hack Apple Pay, Visa 'Express Transit' mode

Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Sep 2021
Telegram bots allowing hackers to steal OTP codes

A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading
By
- Shaun Nichols
News 22 Sep 2021
Symantec: Staging activity observed on Exchange servers

Threat actors appear to be targeting Microsoft Exchange servers with pre-ransomware activity, including one attempt to exfiltrate data. Continue Reading
By
- Arielle Waldman, News Writer
Definition 13 Sep 2021
promiscuous mode

In computer networking, promiscuous mode is a mode of operation, as well as a security, monitoring and administration technique. Continue Reading
By
- Rahul Awati
News 02 Sep 2021
FTC drops the hammer on SpyFone for privacy violations

The FTC has decried SpyFone, a remote tracking app for mobile phones, as stalkerware and ordered it to notify all individuals who were tracked by the app. Continue Reading
By
- Shaun Nichols
News 02 Sep 2021
Accellion-related breach disclosures continue to unfold

Beaumont Health disclosed some patient data was exposed through an attack on Accellion's FTA product, nine months after the attack on the legacy file transfer software occurred. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Sep 2021
Beware of proxyware: Connection-sharing services pose risks

Cisco Talos warns that sharing internet connections with random people via third-party app like Honeygain and Peer2Profit could lead to malware installations and other threats. Continue Reading
By
- Shaun Nichols
News 27 Aug 2021
T-Mobile offers details of data breach that affected 40M

According to T-Mobile, the hackers who stole its customer database had knowledge of the company's network and testing setup. The hack was a carefully planned network breach. Continue Reading
By
- Shaun Nichols
Definition 27 Aug 2021
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Definition 23 Aug 2021
MD5

The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Peter Loshin, Former Senior Technology Editor
Guest Post 18 Aug 2021
How attackers use open source intelligence against enterprises

Cato Networks' Etay Maor explains how cybercriminals use open source intelligence to detect and attack vulnerable enterprise networks and employees. Continue Reading
By
- Etay Maor
News 18 Aug 2021
Mandiant, CISA warn of critical ThroughTek IoT bug

Mandiant warns the vulnerability, which could affect more than 80 million IoT devices, poses a huge risk to end users' security and privacy and should be mitigated appropriately. Continue Reading
By
- Arielle Waldman, News Writer