Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Servers operated by Blizzard Entertainment went down yesterday following a distributed denial of service (DDoS) attack against the video game company,claimed by the Lizard Squad hacking group. [Read More]
One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta. [Read More]
Several ARRIS SURFboard broadband cable modem models suffer from cross-site request forgery (CSRF) vulnerability that allows an attacker to reboot them without authentication. [Read More]
JavaScript malware infects mobile devices and uses them to change the DNS settings of home routers [Read More]
WordPress.com has announced free HTTPS for all custom domains that it hosts, including blogs and websites. [Read More]
Google starts warning network administrators about harmful URLs related to PUPs, malicious software and social engineering [Read More]
A recent layer 7 distributed DDoS attack managed to break all previous known records in terms of bandwidth consumption, peaking at 8.7 Gbps. [Read More]
Researcher finds tens of serious vulnerabilities in routers manufactured by Taiwan-based Quanta Computer [Read More]
High severity vulnerability in Cisco Firepower System Software allows hackers to bypass malware detection and blocking features [Read More]
Cisco releases updates to patch several high severity DoS vulnerabilities in the company’s IOS networking software [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Marc Solomon's picture
Enforcing security at the DNS layer is essential for identifying and containing malware infections that use DNS to execute their mission.
David Holmes's picture
During the public beta of Let’s Encrypt, it may simply be that people believe it will work. Belief works for medicine, but not for security. One way or the other, we’ll know soon.
Torsten George's picture
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.
Alan Cohen's picture
Traditional incident management approaches that rely on network monitoring and detection of attacks are also falling short in today’s agile and distributed computing world.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
Johnnie Konstantas's picture
Visibility into all inter-SDN traffic gives security and performance management technologies the best statistical chance of surfacing embedded malware and anomalous patterns.
Marc Solomon's picture
As security vendors, it is incumbent upon us to reduce complexity. By resolving to make advances in these three areas, we can reduce security complexity while helping more organizations thwart more attacks.
Alan Cohen's picture
It is both naïve and wrong to ignore the role infrastructure plays in protecting data. Trusted networks trump untrusted networks. However, should security be a reason to upgrade networks or stay with proprietary compute architectures?
Marc Solomon's picture
With increased awareness and a deeper understanding of how attackers go about their ‘shopping’ we can take some relatively simple baseline measures that can go a long way toward protecting against cybercrime this time of year.
Johnnie Konstantas's picture
While complex threats are an easy place to lay blame, lack of visibility is the real culprit. Turning your eyes inward to detect where compromises occurred sooner rather than later has the potential to limit your risks substantially.