Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Attackers are increasingly leveraging large Domain Name System (DNS) TXT records in an effort to amplify the impact of their distributed denial-of-service (DDoS) attacks.
Version of the 5.1 of Microsoft's Enhanced Mitigation Experience Toolkit (EMET) brings improved protection and addresses several application compatibility issues.
Marco Vaz of Integrity Labs discovered a buffer overflow flaw in Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit routers that can be exploited by a remote, unauthenticated attacker to gain root access to the device.
Cisco revealed that four of its small business RV series routers are affected by multiple vulnerabilities that can be exploited by malicious actors for various purposes.
US cybersecurity firms have begun unprecedented levels of cooperation to shore up America's key computer networks, and some experts argue in favor of "hacking back".
Google has released a new network traffic security testing tool that can be used to check if devices and applications are impacted by Transport Layer Security/ Secure Sockets Layer (TLS/SSL) vulnerabilities and if the cryptographic protocols are configured correctly.
Tokenization, the process in which sensitive information is replaced with a randomly generated unique token or symbol, can be used for securing payment card transactions and data.
American Express has launched a new services designed to protect online and mobile payments by replacing sensitive card information with tokens.
Researchers from FireEye have linked a series of recent distributed denial-of-service (DDoS) attacks against websites related to the pro-democracy movement in Hong Kong appear to a Chinese threat actor.
An unclassified computer network at the White House was breached recently and the main suspects are hackers allegedly working for the Russian government. Here is what some industry experts have to say.

FEATURES, INSIGHTS // Network Security

rss icon

Marc Solomon's picture
Advancing our security controls isn’t going to happen overnight. But we are well on our way with technology and capabilities that are already headed in this direction, implementing dynamic controls to see more, learn more, and adapt quickly.
Rebecca Lawson's picture
There is a widening gap between detection of a threat and enforcement that causes the threat to stop at the firewall, rather than play out its malicious intent.
Marc Solomon's picture
Thanks to significant technological advances what we can do is use knowledge of the past and the present to drive a desired future outcome. That capability is extremely important for better security given today’s threat landscape and the vicious cycle defenders face.
Joshua Goldfarb's picture
Although it may be tempting to envision a world where the analyst has been fully automated, this does not seem particularly reasonable.
Pat Calhoun's picture
Being connected is critical and all the elements of an organization’s security platform should work in concert together to provide adaptive security for the entire environment.
Scott Simkin's picture
Enterprises must tailor their security policy and protections to the actual threats they experience and to the threat landscape at large.
Marc Solomon's picture
With the right information, security professionals can quickly pivot from detection to a full understanding of the scope of the outbreak and take action to head off wider compromises
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.
Joshua Goldfarb's picture
I am often asked the question: “Is security an unsolvable problem?” In order for me to answer that question, I would have to understand it, and I don’t.