Network Security

Network security news, trends, analysis and practical advice

network security diagram 42 25789247
sec vulnerability lock bolt

network security diagram 42 25789247

Cisco warns of default SSH keys shipped in three products

Cisco Systems released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.

Linksys Smart Wi-Fi makes a stupid Guest network

A recent article pointed out that Linksys and Belkin routers are incapable of offering over-the-air encryption (WEP, WPA or WPA2) on their Guest wireless networks. On top of this, their Guest networks use a captive portal, which is...

Trojan that hides inside images infects healthcare organizations

A computer Trojan that hides its malicious code inside PNG image files counts healthcare organizations in the U.S. among its primary targets.

The Internet of Things raises the specter of a security nightmare...

Is your thermostat spying on you? Cyberthreats and the Internet of Things

The Internet of Things opens up a whole new world of interactions, but raises the specter of a security nightmare. Classic security solutions fail when faced with multitudes of devices running embedded software.


How encryption keys could be stolen by your lunch

A device, hidden in pita bread, can collect signals that can betray encryption keys.

The NetUSB router flaw Part 2 - Detection and Mitigation

Without a comprehensive list of routers vulnerable to the NetUSB flaw, the burden falls on us to test our routers. This requires scanning for port 20005 on the LAN side, for sure, and possibly the WAN side too. Here I describe...

Network analysis is like turning over rocks

Among the things that crawled out were a number of websites that supposedly were being blocked.


Free SSL/TLS certificate project moves closer to launch

Let's Encrypt, a project aimed at increasing the use of encryption across websites by issuing free digital certificates, is planning to issue the first ones next month.

Wi-Fi router

What most people don't know about the NetUSB router flaw - Part 1

The recent NetUSB flaw in routers was written up by almost every tech news organization, yet, much of the story was untold and some of what was written was flat out wrong. Here, and in my next blog, I hope to correct the record,...

security spending

What defines a mature IT security operation?

Mature security is not the direct result of the amount of money spent. Rather, it depends primarily on focus and good fundamentals.

emv chip and pin

Cybercriminals increasingly target point-of-sales systems

The data breach landscape could look very different in the future with the increased adoption of chip-enabled payment cards in North America, but for now point-of-sale systems account for the majority of breaches there, compared to a...

New SOHO router security audit uncovers more than 60 flaws in 22 models

Some of the vulnerabilities could allow attackers to take over the affected devices.

Android apps

Even a factory reset in Android phones leaves user data behind

Resetting an Android phone to its factory state before getting rid of it often fails to properly wipe all sensitive user data.

Wi-Fi router

Insecure routers hacked yet again

A new report from Incapsula describes thousands of hacked routers being used in DDoS attacks. The routers could not have been more vulnerable: they were enabled for remote administration with default passwords. The focus of the report...

Mobile security illustration

Software detects fake mobile, Wi-Fi networks

An Israeli company has developed a product it says can detect if a mobile device connects to a fake cellular base station or Wi-Fi access point, potentially protecting critical data from falling into the hands of hackers.


Disrupt - Cloudwear

Interview with Evan Tann, CEO of Cloudwear, at Techcrunch Disrupt.

Never Give Up

Are we surrendering the cyberwar?

There is a growing sentiment in the information security world today that since it is impossible to completely keep hackers out of business networks, we should throw in the towel and just focus on protecting data. While safeguarding...

signpost and big ben

To get more secure, first figure out where you want to go

If you don’t ask the right questions, you could end up with protection that doesn’t take care of your real problems.

Load More