Network Security

Network security news, trends, analysis and practical advice

cybercrime
firehose

patch bandage band-aid first-aid ouch cure remedy

Critical remote code execution flaw patched in Samba

Security researchers are urging users to install new Samba security updates in order to address a critical vulnerability that allows attackers to execute arbitrary code with root privileges.

Hacking stealing password data.

Many attackers lurk undetected for months, then pounce

Attackers who penetrate company networks often pose as legitimate users for long periods of time, causing lengthy delays before victims figure out they've been hacked.

encryption

NSA director wants gov't access to encrypted communications

It probably comes as no surprise that the director of the National Security Agency wants access to encrypted data on computers and other devices. The U.S. should be able to craft a policy that allows the NSA and law enforcement...

cybersecurity stock image

'Secure' advertising tool PrivDog compromises HTTPS security

New cases of insecure HTTPS traffic interception are coming to light as researchers investigate software programs for implementations that could enable malicious attacks. The latest software to open a man-in-the-middle hole on users'...

Wi-Fi router

Using a router to block a modem

If your Internet connection consists of a separate router and modem, then a private IP address, 192.168.100.1, may provide access to the modem. This can be a double edged sword. Motorola SURFboard modems, in particular, can be reset...

Microsoft adds HTTP Strict Transport Security support to Internet Explorer

Websites will now be able to instruct the browser to always reach them over HTTPS.

equation cyberspies

Equation cyberspies use unrivaled, NSA-style techniques to hit Iran, Russia

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia.

Corporate IT: Beware the dating apps on your users' phones

Common vulnerabilities could be putting your company's data up for grabs

keyboard chinese flag china hacker

China seen targeting banks, military in Forbes web attack

A Chinese hacking group infiltrated the Forbes.com site in November and used it to launch targeted attacks against website visitors from U.S. banking and defense companies, a cybersecurity company said.

Siemens patches critical flaws in industrial wireless gear

Siemens released critical security patches for the firmware in its Ruggedcom WIN products, which are used as broadband wireless base stations in industrial environments.

Free and cheap ways to learn about IT security

Free and cheap ways to learn about IT security

From recovering deleted files to setting up an intrusion detection system, these seven projects give you hands-on experience with an array of security tasks.

1927 mississippi flood levee breach

Be prepared for the breach that’s headed your way

If we learned anything in 2014, it was that no one is immune to a massive data breach. If one hits you this year, are you going to have the visibility that will let you tell the executive team what they need to know?

Adobe pushes critical Flash Player update to fix latest zero-day

Users with automatic updates enabled in Flash Player have already started receiving the new patch

Miramax

FAIL: NSA can't shield DoD or Sony from N. Korea hacks

The National Security Agency (NSA) -- tasked with protecting American computers -- apparently fell asleep on the job. The latest story: The NSA allegedly watched North Korea hack Sony for over four years, yet did nothing about it,...

hindenburg disaster 1937

2015: The year the Internet crashes. Hard.

2014 saw the largest Internet network attacks of all time, fundamental network programs cracked like eggs, and user IDs and passwords leaked everywhere. It will only get worse.

AOL halts malicious ads served by its advertising platform

AOL.com said it has stopped malicious advertisements being served by its advertising platforms after being alerted by a security company.

security phishing hook

Free tool automates phishing attacks for Wi-Fi passwords

The tool can disconnect Wi-Fi users and trick them into disclosing their password to a rogue access point.

Rackspace DNS recovers after DDoS brings system down

Managed cloud service provider Rackspace has recovered from a DDoS attack that crippled the company's DNS servers for 11 hours earlier this week.

Load More