Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cisco patches critical and high severity vulnerabilities in its Prime Collaboration Provisioning software [Read More]
On May 9, 2017, Microsoft Edge and Internet Explorer 11 browsers dropped support for websites protected with SHA-1 certificates that chain to a root in the Microsoft Trusted Root Program. [Read More]
Rockwell Automation updates firmware on Stratix 5900 routers to patch over 60 vulnerabilities discovered since 2014 in Cisco’s IOS software [Read More]
Asus RT-AC and RT-N devices that are not running the latest firmware version are vulnerable to a series of CSRF, JSONP and XSS vulnerabilities that allow malicious actors to disclose information, change device settings, or inject code. [Read More]
Cisco has finally released an update for its IOS software to patch a CIA zero-day flaw affecting hundreds of its switches [Read More]
Details of the Intel AMT firmware vulnerability announced on May 1, 2017 are now public knowledge; and the suggestion that 'this is somewhere between nightmarish and apocalyptic' has been proven correct. [Read More]
Risks posed by SS7 flaws are no longer just theoretical – cybercriminals exploited vulnerabilities to steal money from bank accounts [Read More]
Cisco patches critical RCE/DoS vulnerability affecting CVR100W small business routers [Read More]
Netgear releases firmware updates to patch remote code execution vulnerabilities in some of its routers and switches [Read More]
Moxa addresses hardcoded credentials issue that can be exploited by attackers to gain complete control of the company’s APs [Read More]

FEATURES, INSIGHTS // Network Security

rss icon

Preston Hogue's picture
Defenders need a new type of counterinsurgent security that can move out into the jungle to protect users and sensitive data against attackers who disguise their exploits with the very encryption that we think keeps us safe.
Marie Hattar's picture
Understanding how well (or not) websites and networks deal with the unexpected spikes in inbound traffic is the first step in dealing with DDoS attacks.
Avi Chesla's picture
At the end of the day, CISOs are finding it very challenging to be able to assess the performance of the security products in their organization’s arsenal.
Jennifer Blatnik's picture
While automation delivers many benefits to the enterprise, there are dangers to mindlessly automating every business function, especially when it comes to security.
Marie Hattar's picture
Full visibility is necessary when it comes to security, but some things should stay hidden. How do we see the whole network? What tools do we need? How do we stay compliant?
David Holmes's picture
Classic SSL interceptors are notoriously lackadaisical about certificate verification, but that doesn’t mean the only choice is not to use them or that they’re not needed.
Joshua Goldfarb's picture
Although attackers still use malicious code quite often, they have been relying less and less on it. So how do attackers manage to be so successful without using any malware at all?
Ken McAlpine's picture
To apply an effective intent-based network security strategy to networks, security teams need to rethink how they plan, design, organize, and implement network architecture.
David Holmes's picture
Ladies and Gentlemen! Gamers and Cryptoheads! Have you ever wondered which major gaming console has the best message encryption? Well, I’m going to reveal the clear winner in my own recent personal test.
Ashley Arbuckle's picture
Generally referred to as the “attack chain,” the approach cybercriminals follow to launch and execute attacks is well-documented and includes reconnaissance, weaponization, delivery, and installation.