Network Security

Network security news, trends, analysis and practical advice

eric holder reuters larry downing
bankvault

Organization sets out to make secure communication tools more user-friendly

Google, Dropbox and the Open Technology Fund are supporting a new organization focused on making open-source security and privacy tools more user-friendly.

China says US hacking accusations are 'totally groundless'

The Chinese government says accusations that it was involved in cyberattacks against U.S. transportation contractors are "totally groundless and untenable."

wells fargo avast screenshot

'Tiny banker' malware targets US financial institutions

A banking trojan, known for its small size but powerful capabilities, has expanded the number of financial institutions from which it can collect data, according to security vendor Avast.

network security diagram 42 25789247

Sprint, Windstream traffic routing errors hijacked other ISPs

Internet traffic routing errors made by U.S. operators Sprint and Windstream on the same day last week underscore a long-known Internet weakness, posing both security and reliability issues.

Salesforce warns customers of malware attack

Salesforce.com users are being targeted by a new version of a computer Trojan that has typically attacked online banking customers until now.

Twitter launches bug bounty program

The company will pay researchers at least $140 for privately reporting serious vulnerabilities in its Web services and mobile apps

Hacker manipulating code

Hackers make drive-by attacks stealthier with fileless infections

Cybercriminals are increasingly infecting computers with malware that resides only in memory in order to make their attacks harder to detect.

computer hacking hacker thief white collar crime stealing keyboard hand shadow 000001325773

Why hackers may be stealing your credit card numbers for years

While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems.

computer hacker aa006208

Rigged industrial software site points to watering hole attack

Attackers have rigged the website of an industrial software firm with a sophisticated reconnaissance tool, possibly in preparation for attacks against companies from several industries.

Tuning the security analysts

Monitoring of the SIEM has gone offshore, but the overseas analysts are escalating a lot of events that aren't really worth investigating.

New malvertising campaign hit visitors of several high-profile sites

Attackers redirected users to Web-based exploits by pushing malicious advertisements onto popular sites, researchers from Fox-IT said

Internet of Things

Three security practices that IoT will disrupt

As the field of IoT devices continues to grow, so do the threats to well-established security practices

Lightning? That's the least of their problems

This consultant pilot fish is called in by a new client -- a banquet hall -- to clean up wireless network problems after a lighting storm. But what he finds is a much bigger mess.

Hackers prey on Russian patriotism to grow the Kelihos botnet

A recent spam campaign encouraged Russian speakers to install malware on their computers to participate in DDoS attacks, researchers said

Startup builds intrusion prevention system for home networks

At a time of growing concern about the security of interconnected devices in homes, a startup aims to provide consumers with a type of network security system traditionally used by businesses.

Home routers supplied by ISPs can be compromised en masse

Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.

Network-attached storage devices more vulnerable than routers, researcher finds

A security review of network-attached storage (NAS) devices from multiple manufacturers revealed that they typically have more vulnerabilities than home routers, a class of devices known for poor security and vulnerable code.

22-carat catch-22

This jewelry store keeps reporting that its employees can't connect to the Internet -- and this field engineer pilot fish keeps getting sent out by the telco to fix the problem. "It's been going on once a week for about three...

Load More