Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cybercriminals using the Dridex banking Trojan to steal sensitive information from Internet users have changed the way they are distributing the malware, according to researchers from Palo Alto Networks.
FireEye has released a new report uncovering and detailing a large cyber-espionage campaign that the company believes is sponsored by the Russian government and dates back to 2007.
Please join us on Thursday, Oct. 30th at 1PM ET for a special webcast: Gaps In SSH Security Create an Open Door for Attackers.
Hackers attacked Ukraine's election commission website on the eve of parliamentary polls, officials said, but they denied Russian reports that the vote counting system itself had been put out of action.
CyberFence from Ultra Electronics, 3eTI offers new devices that push encryption, port authentication, and firewall technologies onto non-traditional endpoints.
Cisco has released software updates to address a three-year-old vulnerability in the Telnet code of Cisco AsyncOS, the operating systems used in some of the company's security appliances.
Cisco has been analyzing its products to determine which of them are affected by the recently disclosed Secure Sockets Layer (SSL) version 3 protocol flaw dubbed Padding Oracle On Downgraded Legacy Encryption (POODLE).
A vulnerability in SSL 3.0 lets attackers extract session cookies and other secrets from encrypted online communications, but experts believe the seriousness is tempered by the overall difficulty in exploiting the vulnerability.
Hundreds of professionals from around the world will come together on October 20-23 for the 14th edition of the ICS Cyber Security Conference, the longest-running cyber security conference dedicated to the industrial control system sector.
Attackers exploited a zero-day vulnerability in Windows to spy on NATO, the European Union, the Ukraine, and private energy and telecommunications companies, according to cyber-intelligence firm iSight Partners.

FEATURES, INSIGHTS // Network Security

rss icon

Scott Simkin's picture
The network edge is the ideal location for quickly preventing the vast majority of attacks, but looking forward, you should consider how pervasive deployments can stop the new breed of advanced attack.
Marc Solomon's picture
Advancing our security controls isn’t going to happen overnight. But we are well on our way with technology and capabilities that are already headed in this direction, implementing dynamic controls to see more, learn more, and adapt quickly.
Rebecca Lawson's picture
There is a widening gap between detection of a threat and enforcement that causes the threat to stop at the firewall, rather than play out its malicious intent.
Marc Solomon's picture
Thanks to significant technological advances what we can do is use knowledge of the past and the present to drive a desired future outcome. That capability is extremely important for better security given today’s threat landscape and the vicious cycle defenders face.
Joshua Goldfarb's picture
Although it may be tempting to envision a world where the analyst has been fully automated, this does not seem particularly reasonable.
Pat Calhoun's picture
Being connected is critical and all the elements of an organization’s security platform should work in concert together to provide adaptive security for the entire environment.
Scott Simkin's picture
Enterprises must tailor their security policy and protections to the actual threats they experience and to the threat landscape at large.
Marc Solomon's picture
With the right information, security professionals can quickly pivot from detection to a full understanding of the scope of the outbreak and take action to head off wider compromises
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.