Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cisco and Juniper Networks release updates to patch high severity vulnerabilities in their operating systems [Read More]
A vulnerability disclosed in June that affected a Wi-Fi camera has been found to affect over 120 products from D-Link. [Read More]
Darktrace, a cybersecurity startup that leverages machine learning and mathematics to detect threats, has raised $65 million from a group of investors led by private equity firm KKR. [Read More]
LizardStresser, a DDoS botnet that inspired many cybercrime groups to create their own botnets, was recently used in attacks as large as 400 gigabits per second (Gbps) that leverage the power of IoT devices. [Read More]
Dan Schiappa, VP with Sophos, has published a stinging rebuke against Cylance product comparison methods, saying the Cylance rigged a test by changing disabling default settings in Sophos' product. [Read More]
Cisco releases software updates to patch critical and high severity vulnerabilities in its management and security products [Read More]
A 470 gigabits per second (Gbps) distributed denial of service (DDoS) attack launched earlier this month leveraged nine different payload (packet) types. [Read More]
As it turns out, attackers use standard networking, administration and other tools in most post-intrusion activities, and not malware, a recent report from behavioral attack detection provider LightCyber reveals. [Read More]
Several vulnerabilities, including a critical remote code execution flaw, found in Cisco routers. No patch available [Read More]
AT&T detects approximately 30 billion malicious scans daily on its IP network and sees 400 million spam messages. [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Danelle Au's picture
If security teams can automate how they validate security risks, we they shift focus from the easy challenges and onto the important things.
David Holmes's picture
A determined attacker could almost certainly find another, easier (non-SSL) vulnerability much faster and cheaper than by using DROWN.
Alan Cohen's picture
A steady plan that both builds on the best practices of today and anticipates and takes action for the world we are moving into presents the last best hope for creating trust again in IT.
Johnnie Konstantas's picture
Enterprises should establish security policies with regard to traffic inspection, and implement the right mix of SSL decryption and traffic inspection systems that don’t introduce latency or business disruption.
Avi Chesla's picture
Advanced attack campaigns are typically multi-vector, prolonged and adaptive to the defenses they encounter - unlike the defending side, which is inherently more rigid and structured around products and security solution silos.
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Johnnie Konstantas's picture
For the NSA, one of the hardest things to hack against is a network with out-of-band TAPs—which enable the continuous monitoring of network activity by sending copies of packets to security inspection and analytics devices.
Marc Solomon's picture
Enforcing security at the DNS layer is essential for identifying and containing malware infections that use DNS to execute their mission.
David Holmes's picture
During the public beta of Let’s Encrypt, it may simply be that people believe it will work. Belief works for medicine, but not for security. One way or the other, we’ll know soon.
Torsten George's picture
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.