Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Attackers are increasingly leveraging large Domain Name System (DNS) TXT records in an effort to amplify the impact of their distributed denial-of-service (DDoS) attacks.
Version of the 5.1 of Microsoft's Enhanced Mitigation Experience Toolkit (EMET) brings improved protection and addresses several application compatibility issues.
Marco Vaz of Integrity Labs discovered a buffer overflow flaw in Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit routers that can be exploited by a remote, unauthenticated attacker to gain root access to the device.
Cisco revealed that four of its small business RV series routers are affected by multiple vulnerabilities that can be exploited by malicious actors for various purposes.
US cybersecurity firms have begun unprecedented levels of cooperation to shore up America's key computer networks, and some experts argue in favor of "hacking back".
Google has released a new network traffic security testing tool that can be used to check if devices and applications are impacted by Transport Layer Security/ Secure Sockets Layer (TLS/SSL) vulnerabilities and if the cryptographic protocols are configured correctly.
Tokenization, the process in which sensitive information is replaced with a randomly generated unique token or symbol, can be used for securing payment card transactions and data.
American Express has launched a new services designed to protect online and mobile payments by replacing sensitive card information with tokens.
Researchers from FireEye have linked a series of recent distributed denial-of-service (DDoS) attacks against websites related to the pro-democracy movement in Hong Kong appear to a Chinese threat actor.
An unclassified computer network at the White House was breached recently and the main suspects are hackers allegedly working for the Russian government. Here is what some industry experts have to say.

FEATURES, INSIGHTS // Network Security

rss icon

Scott Simkin's picture
As more organizations build applications other than Web and corporate email into the course of their business, adversaries are taking note and adjusting their tactics.
Joshua Goldfarb's picture
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Avi Chesla's picture
In order to reap the greatest benefit from virtualization, SDN and NFV concepts, the control and data-plane functions of network security devices should be decoupled.
Pat Calhoun's picture
Adapted firewall VPN technology ensures network efficiency at a fraction of the cost of MPLS acquisition, with failover support to eliminate the pains of packet loss and minimize the impact on the user.
David Holmes's picture
In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.
Scott Simkin's picture
The network edge is the ideal location for quickly preventing the vast majority of attacks, but looking forward, you should consider how pervasive deployments can stop the new breed of advanced attack.
Marc Solomon's picture
Advancing our security controls isn’t going to happen overnight. But we are well on our way with technology and capabilities that are already headed in this direction, implementing dynamic controls to see more, learn more, and adapt quickly.
Rebecca Lawson's picture
There is a widening gap between detection of a threat and enforcement that causes the threat to stop at the firewall, rather than play out its malicious intent.
Marc Solomon's picture
Thanks to significant technological advances what we can do is use knowledge of the past and the present to drive a desired future outcome. That capability is extremely important for better security given today’s threat landscape and the vicious cycle defenders face.
Joshua Goldfarb's picture
Although it may be tempting to envision a world where the analyst has been fully automated, this does not seem particularly reasonable.
view counter