Network Security

Network security news, trends, analysis and practical advice

Researchers improve de-anonymization attacks for sites hiding on Tor

Attackers controlling entry nodes on the Tor network could find the location of hidden services or unmask users visiting them.


breach bucket

Closing the data floodgates

The unauthorized disclosure of sensitive and controlled data is a major issue for businesses today. Data loss prevention is a relatively new class of products that attempt to monitor common communication channels for the presence of...

Darkode cybercrime forum may be making a comeback

The forum's last administrator has plans to restore the site, with better protections against law enforcement investigations.

cars driving on roadway rear view aa052878

Firewalls can't protect today's connected cars

While the automobile industry pursues more secure internal bus architectures, experts say no network firewall will ever be totally tamper-proof, and it's more important to be able to detect and stop an attack rather than block it.

Impish 5th grader

Is your firewall smarter than a 5th-grader?

A recent talk with my 10-year-old nephew confirmed my suspicion — the firewall has become somewhat ubiquitous of late, the essential element of network perimeter security. Almost all know what a firewall is, even if some inexplicably...

malware

Emergency Flash Player updates fix for vulnerability used in widespread attacks

Adobe Systems was forced to rush the release of a Flash Player update after an exploit for a previously unknown vulnerability was leaked on the Internet and quickly adopted by cybercriminals.

Hacker

Hacker group that hit Twitter, Facebook, Apple and Microsoft intensifies attacks

The hackers that targeted Twitter, Facebook, Apple and Microsoft developers two years ago have escalated their economic espionage efforts as they seek confidential business information and intellectual property they can profit from.

trust in marketing

Throw out the trust, and verify everything

Networks have traditionally been designed with trusted zones, usually those "securely" inside the network perimeter, with everything else being untrusted. Sadly, with remote users, interconnected offices, mobile devices, and cloud...

FBI chief Comey warns that terrorists hide behind encrypted communications

James Comey said that these communications may not be intercepted despite court orders.

network security diagram 42 25789247

Cisco to buy security-as-a-service provider OpenDNS for $635M

Cisco Systems plans to pay $635 million in cash to buy OpenDNS, a company that leverages the Domain Name System to provide security services including Web filtering, threat intelligence and malware and phishing protection.

sec vulnerability lock bolt

US personnel agency takes system offline after security flaw detected

Problems for the U.S. Office of Personnel Management aren't letting up. The government agency said Monday it had suspended a system used for background checks after a security flaw was discovered in the Web-based app.

network security diagram 42 25789247

Cisco warns of default SSH keys shipped in three products

Cisco Systems released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.

Linksys Smart Wi-Fi makes a stupid Guest network

A recent article pointed out that Linksys and Belkin routers are incapable of offering over-the-air encryption (WEP, WPA or WPA2) on their Guest wireless networks. On top of this, their Guest networks use a captive portal, which is...

Trojan that hides inside images infects healthcare organizations

A computer Trojan that hides its malicious code inside PNG image files counts healthcare organizations in the U.S. among its primary targets.

The Internet of Things raises the specter of a security nightmare...

Is your thermostat spying on you? Cyberthreats and the Internet of Things

The Internet of Things opens up a whole new world of interactions, but raises the specter of a security nightmare. Classic security solutions fail when faced with multitudes of devices running embedded software.

Flaw in ESET products shows why spy groups are interested in antivirus programs

The flaw could allow attackers to fully compromise systems via websites, email, USB drives and other methods.

pita

How encryption keys could be stolen by your lunch

A device, hidden in pita bread, can collect signals that can betray encryption keys.

The NetUSB router flaw Part 2 - Detection and Mitigation

Without a comprehensive list of routers vulnerable to the NetUSB flaw, the burden falls on us to test our routers. This requires scanning for port 20005 on the LAN side, for sure, and possibly the WAN side too. Here I describe...

Network analysis is like turning over rocks

Among the things that crawled out were a number of websites that supposedly were being blocked.

Load More