Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A security flaw in Intel's Advanced Management Technology (AMT) technology can be abused with less than a minute of physical access to the device to gain full remote acces. [Read More]
Free and open Certificate Authority (CA) Let’s Encrypt on Tuesday disabled TLS-SNI-01 validation after learning that users could abuse it to obtain certificates for domains they do not own. [Read More]
Exploit code used by the Satori botnet to compromise Huawei routers via a zero-day vulnerability became public last week, researchers have discovered. [Read More]
Nissan Canada is informing more than 1.1 million customers that their personal information may have been compromised as a result of a data breach [Read More]
Nearly a dozen flaws discovered in wireless networking products from Cambium, including ones that can be exploited to hack devices and networks [Read More]
A sophisticated multi-staged Apache Struts cyber attack campaign is abusing NSA-linked exploits to target internal networks, researchers from F5 Networks have discovered. [Read More]
Hack the Air Force 2.0 bug bounty program kicks off with researchers hacking into a Pentagon network [Read More]
Netherlands-based security firm Fox-IT revealed that it was the victim of an MitM attack after hackers changed DNS records at its domain registrar [Read More]
Cisco announces availability of Security Connector, an iOS app that gives organizations visibility and control for mobile devices [Read More]
Severe vulnerability found by researchers in Fortinet’s FortiClient endpoint protection product can be exploited to obtain VPN authentication credentials [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

David Holmes's picture
Several tech vendors have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.
Erin O’Malley's picture
Detecting compromises requires monitoring a series of activities over time. Unfortunately, most security tools only have visibility into a certain set of activities and cannot see and comprehend the entire kill chain.
Marc Solomon's picture
There’s no reason that 2018 should be another year where attackers continue to successfully exploit the known.
John Maddison's picture
Cybercriminals have begun to leverage automation and machine learning in their attack tactics, techniques, and procedures (TTP).
Justin Fier's picture
Organizations still using the legacy approaches from a year ago to five years ago are consistently outpaced and forced to play catch-up.
Marc Solomon's picture
It is important to have a prioritized list of vulnerabilities based on the threats to your organization; this list will be different for each company based on their environment and risk profile.
John Maddison's picture
Here are six things every organization needs to consider when approaching security, especially during the chaos and time pressures of a network undergoing digital transformation.
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Ashley Arbuckle's picture
If you’re among the majority taking an architectural approach to consolidate security vendors then remember, your best defense is a good offense.
Jennifer Blatnik's picture
You can slow down a hacker, but it will do you good to accept that you may never be able to truly stop someone from getting through your first line of defense.