Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The RSA Advanced Security Operations Center (SOC) Solution offers an integrated set of technologies and services that can provide SIEM, Network Forensics, and Endpoint threat protection.
Chinese authorities have started intercepting encrypted traffic to and from Google's servers, in an apparent man-in-the-middle (MitM) attack against the encrypted traffic between CERNET and Google.
The CERT Coordination Center at Carnegie Mellon University (CERT/CC) has published a list of popular Android applications that fail to properly validate SSL certificates, exposing users to man-in-the-middle (MitM) attacks.
Akamai has published a threat advisory to warn organizations of attacks where cybercriminals are infecting Linux servers with malware capable of launching powerful distributed denial-of-service (DDoS) attacks.
Cybercriminals compromised the website of an industrial company to conduct a watering hole attack with the goal to collect information on the site's visitors.
Several vendors have joined forces with LogRhythm on a threat intelligence collective designed to provide customers with visibility and insight in order to help them detect sophisticated cyber threats.
Routers provided by many Brazilian Internet service providers (ISPs) to customers use MAC address authentication, instead of wireless security protocols like WEP or WPA.
The Federal Bureau of Investigation acknowledged that it and the US Secret Service were "working to determine the scope of recently reported cyber attacks against several American financial institutions."
Routers produced by China-based networking solutions provider Netis Systems are plagued by a security hole that can be leveraged by an attacker to gain control of the devices.
The National Institute of Standards and Technology (NIST) released today draft guidelines for addressing the security risks posed by the use of Secure Shell (SSH) for automated access.

FEATURES, INSIGHTS // Network Security

rss icon

Marc Solomon's picture
Thanks to significant technological advances what we can do is use knowledge of the past and the present to drive a desired future outcome. That capability is extremely important for better security given today’s threat landscape and the vicious cycle defenders face.
Joshua Goldfarb's picture
Although it may be tempting to envision a world where the analyst has been fully automated, this does not seem particularly reasonable.
Pat Calhoun's picture
Being connected is critical and all the elements of an organization’s security platform should work in concert together to provide adaptive security for the entire environment.
Scott Simkin's picture
Enterprises must tailor their security policy and protections to the actual threats they experience and to the threat landscape at large.
Marc Solomon's picture
With the right information, security professionals can quickly pivot from detection to a full understanding of the scope of the outbreak and take action to head off wider compromises
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.
Joshua Goldfarb's picture
I am often asked the question: “Is security an unsolvable problem?” In order for me to answer that question, I would have to understand it, and I don’t.
Pat Calhoun's picture
The need for extreme network protection may be the driving force behind your decision to invest in a next-generation firewall (NGFW), but your enterprise also has other factors to consider.
Mark Hatton's picture
You need to identify your security shortcomings before someone else does. Simulate attacks and tests to associate known vulnerabilities, previous attack patterns, and security/network data to identify potential attack paths to your company’s most important data.