Network Security

Network security news, trends, analysis and practical advice

blind mans buff

navy lookout

With greater visibility comes increased response

As our manager tests an advanced firewall, several events that would have gone undetected come to light.

031615 wi fi 1

This tool can warn you about evil access points nearby

A new open-source tool can periodically scan for rogue Wi-Fi access points and alert network administrators if they're found.

internet security with lock

Like Google, Mozilla set to punish Chinese agency for certificate debacle

The Mozilla Foundation plans to reject new digital certificates issued by the China Internet Network Information Center in its products, but will continue to trust certificates that already exist.

fingers typing keyboard dramatic lighting programmer hacker

Lebanese cyberespionage campaign hits defense, telecom, media firms worldwide

For the past two years, a cyberespionage group that likely operates from Lebanon has hacked into hundreds of defense contractors, telecommunications operators, media groups and educational organizations from at least 10 countries.

internet security thinkstock 1200w

Microsoft blacklists fraudulently issued SSL certificate

Microsoft released an update to blacklist an SSL certificate for one of its domain names that was issued to an unauthorized third party.

Tool allows account hijacking on sites that use Facebook Login

Attackers can force users to associate their accounts on other sites with malicious Facebook accounts

cybercrime

OpenDNS trials system that quickly detects computer crime

A security system undergoing testing by a San-Francisco-based company aims to speed up the detection of websites and domains used for cybercrime.

firehose

Information overload, SIEM version

Our manager is very happy with the performance of his security information and event management platform, but sometimes it’s too much for the network bandwidth. Fortunately, an easy fix is at hand.

patch bandage band-aid first-aid ouch cure remedy

Critical remote code execution flaw patched in Samba

Security researchers are urging users to install new Samba security updates in order to address a critical vulnerability that allows attackers to execute arbitrary code with root privileges.

Hacking stealing password data

Many attackers lurk undetected for months, then pounce

Attackers who penetrate company networks often pose as legitimate users for long periods of time, causing lengthy delays before victims figure out they've been hacked.

encryption

NSA director wants gov't access to encrypted communications

It probably comes as no surprise that the director of the National Security Agency wants access to encrypted data on computers and other devices. The U.S. should be able to craft a policy that allows the NSA and law enforcement...

cybersecurity stock image

'Secure' advertising tool PrivDog compromises HTTPS security

New cases of insecure HTTPS traffic interception are coming to light as researchers investigate software programs for implementations that could enable malicious attacks. The latest software to open a man-in-the-middle hole on users'...

Wi-Fi router

Using a router to block a modem

If your Internet connection consists of a separate router and modem, then a private IP address, 192.168.100.1, may provide access to the modem. This can be a double edged sword. Motorola SURFboard modems, in particular, can be reset...

Microsoft adds HTTP Strict Transport Security support to Internet Explorer

Websites will now be able to instruct the browser to always reach them over HTTPS.

equation cyberspies

Equation cyberspies use unrivaled, NSA-style techniques to hit Iran, Russia

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia.

Corporate IT: Beware the dating apps on your users' phones

Common vulnerabilities could be putting your company's data up for grabs

keyboard chinese flag china hacker

China seen targeting banks, military in Forbes web attack

A Chinese hacking group infiltrated the Forbes.com site in November and used it to launch targeted attacks against website visitors from U.S. banking and defense companies, a cybersecurity company said.

Siemens patches critical flaws in industrial wireless gear

Siemens released critical security patches for the firmware in its Ruggedcom WIN products, which are used as broadband wireless base stations in industrial environments.

Load More