Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

WikiLeaks releases details on CherryBlossom, a tool used by the CIA to hack wireless routers and access points [Read More]
Despite being exploited in wide-spread malicious attacks, SMB, telnet, RDP, and other types of improperly exposed ports continue to put both enterprises and consumers at risk, a new Rapid7 report reveals. [Read More]
Cisco’s Prime Data Center Network Manager (DCNM) product is affected by two critical vulnerabilities introduced by a default account and a debug tool [Read More]
Critical authentication bypass vulnerability exposes many WiMAX routers to remote attacks. Patches unlikely any time soon [Read More]
Data center and cloud segmentation firm Illumio has raised a further $125 million in Series D funding. [Read More]
Enterprise IoT security company Armis emerges from stealth mode with $17 million in funding [Read More]
Router and switch LEDs can be used to stealthily exfiltrate sensitive data from air-gapped computers, researchers demonstrate [Read More]
WikiLeaks Vault 7: CIA tool “Pandemic” replaces legitimate files accessed via SMB with malware [Read More]
Companies that provide NAS appliances, routers and other networking devices are investigating the impact of the recently disclosed Samba vulnerability [Read More]
FreeRADIUS patches authentication bypass vulnerability. Previous fix turned out to be incomplete [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Eddie Garcia's picture
Apache Spot is in its early stages yet it already has all the potential to be the platform where the good guys collaborate, sharing models and algorithms to find the bad actors.
Ken McAlpine's picture
Once you’ve decided that you need to include some SD-WAN capabilities to your network, you should also look at the implications to your security practices.
Ashley Arbuckle's picture
When it comes to automation, most defenders are operating at a deficit. So what’s holding so many enterprises back from incorporating automation in their security programs?
Preston Hogue's picture
Defenders need a new type of counterinsurgent security that can move out into the jungle to protect users and sensitive data against attackers who disguise their exploits with the very encryption that we think keeps us safe.
Marie Hattar's picture
Understanding how well (or not) websites and networks deal with the unexpected spikes in inbound traffic is the first step in dealing with DDoS attacks.
Avi Chesla's picture
At the end of the day, CISOs are finding it very challenging to be able to assess the performance of the security products in their organization’s arsenal.
Jennifer Blatnik's picture
While automation delivers many benefits to the enterprise, there are dangers to mindlessly automating every business function, especially when it comes to security.
Marie Hattar's picture
Full visibility is necessary when it comes to security, but some things should stay hidden. How do we see the whole network? What tools do we need? How do we stay compliant?
David Holmes's picture
Classic SSL interceptors are notoriously lackadaisical about certificate verification, but that doesn’t mean the only choice is not to use them or that they’re not needed.
Joshua Goldfarb's picture
Although attackers still use malicious code quite often, they have been relying less and less on it. So how do attackers manage to be so successful without using any malware at all?