Mark Dargin
Author Archives: Mark Dargin
- Home → Author's archive:
Mark Dargin
0
‘Credible threat’: How to protect networks from ransomware
(Editor’s note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it’s a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.To read this article in full, please click here
0
‘Credible threat’: How to protect networks from ransomware
(Editor’s note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it’s a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.To read this article in full, please click here
0
National pen test execution standard would improve network security
As the number of cyber attacks increases, the demand for penetration tests – to determine the strength of a company’s defense – is also going up. People are worried about their companies’ networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such PCI and HITRUST require these tests to be performed on at least an annual basis.The demand for these tests is only going to increase as attackers get more sophisticated. And it’s essential these tests catch all possible vulnerabilities.[ Also read: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ] Benefits and gaps of penetration tests Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.To read this article in full, please click here
0
National pen test execution standard would improve network security
As the number of cyber attacks increases, the demand for penetration tests – to determine the strength of a company’s defense – is also going up. People are worried about their companies’ networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such PCI and HITRUST require these tests to be performed on at least an annual basis.The demand for these tests is only going to increase as attackers get more sophisticated. And it’s essential these tests catch all possible vulnerabilities.[ Also read: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ] Benefits and gaps of penetration tests Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.To read this article in full, please click here
0
National pen test execution standard would improve network security
As the number of cyber attacks increases, the demand for penetration tests – to determine the strength of a company’s defense – is also going up. People are worried about their companies’ networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such PCI and HITRUST require these tests to be performed on at least an annual basis.The demand for these tests is only going to increase as attackers get more sophisticated. And it’s essential these tests catch all possible vulnerabilities.[ Also read: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ] Benefits and gaps of penetration tests Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.To read this article in full, please click here
0
National pen test execution standard would improve network security
As the number of cyber attacks increases, the demand for penetration tests – to determine the strength of a company’s defense – is also going up. People are worried about their companies’ networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such PCI and HITRUST require these tests to be performed on at least an annual basis.The demand for these tests is only going to increase as attackers get more sophisticated. And it’s essential these tests catch all possible vulnerabilities.[ Also read: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ] Benefits and gaps of penetration tests Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.To read this article in full, please click here
0
Fight for net neutrality rules gains momentum
The U.S. Supreme Court has officially ended the court fight over the repealed net neutrality rules that required internet providers to treat all online traffic equally.On Nov. 5, 2018, the court rejected appeals from the telecommunications industry seeking to throw out a lower court ruling in favor of the net neutrality rules. The Federal Communications Commission (FCC) under President Donald Trump has rolled back the rules, but the industry also wanted to completely remove the lower court’s ruling off the books.The Supreme Court's decision is a victory for advocates of net neutrality rules, as supporters hope this will push Congress to enact new net neutrality laws or encourage other states to follow California’s lead by instituting their own requirements.To read this article in full, please click here
0
How to protect your infrastructure from DNS cache poisoning
Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business’s web presence goes down.DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.To read this article in full, please click here
0
How to protect your infrastructure from DNS cache poisoning
Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business’s web presence goes down.DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.To read this article in full, please click here
0
How to protect your infrastructure from DNS cache poisoning
Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business’s web presence goes down.DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.To read this article in full, please click here
0
Prepare for the future without net neutrality
Net neutrality officially ended on June 11, 2018, and many people are concerned that this is the end of an open internet. Many supporters of it believe the internet should be regulated no different than the phone system or power utility and that this change will decrease the performance of it. Opponents of net neutrality, argue that the end of it will now increase competition among the various internet service providers (ISPs) and increase coverage, improve performance, and lower costs.What is net neutrality? Net neutrality became effective by the Federal Communication Commission (FCC) under President Barack Obama in 2015. It is a set of rules that ensured ISPs treated all data transmissions, irrespective to content, that flowed through their infrastructure equally. Net neutrality protections prevented ISPs from slowing web services, blocking access to sites, or charging content organizations for faster delivery of streaming movies or videos. It is believed that antitrust laws did not go far enough in ensuring that all content received equal treatment.To read this article in full, please click here
0
Prepare for the future without net neutrality
Net neutrality officially ended on June 11, 2018, and many people are concerned that this is the end of an open internet. Many supporters of it believe the internet should be regulated no different than the phone system or power utility and that this change will decrease the performance of it. Opponents of net neutrality, argue that the end of it will now increase competition among the various internet service providers (ISPs) and increase coverage, improve performance, and lower costs.What is net neutrality? Net neutrality became effective by the Federal Communication Commission (FCC) under President Barack Obama in 2015. It is a set of rules that ensured ISPs treated all data transmissions, irrespective to content, that flowed through their infrastructure equally. Net neutrality protections prevented ISPs from slowing web services, blocking access to sites, or charging content organizations for faster delivery of streaming movies or videos. It is believed that antitrust laws did not go far enough in ensuring that all content received equal treatment.To read this article in full, please click here
0
What to do if your cloud provider stops offering its services
What would your organization do if your cloud provider were to go out of business? What happens if your cloud provider suddenly stops offering critical services that your organization requires for its business to function properly? Businesses need to start asking these important questions and develop plans to address these scenarios.The cloud is a new market that continues to grow, and there are more small players offering their services. According to Gartner, Cloud System Infrastructure Services (IaaS) are expected to grow from $45.8 billion in revenue in 2018 to $72.4 billion in 2020. As the market matures, it's only natural that some of these organizations will disappear or stop offering certain services. In 2013, Nirvanix stopped offering it cloud services and gave customers only two weeks’ notice to move their data off of their platform.To read this article in full, please click here
0
What to do if your cloud provider stops offering its services
What would your organization do if your cloud provider were to go out of business? What happens if your cloud provider suddenly stops offering critical services that your organization requires for its business to function properly? Businesses need to start asking these important questions and develop plans to address these scenarios.The cloud is a new market that continues to grow, and there are more small players offering their services. According to Gartner, Cloud System Infrastructure Services (IaaS) are expected to grow from $45.8 billion in revenue in 2018 to $72.4 billion in 2020. As the market matures, it's only natural that some of these organizations will disappear or stop offering certain services. In 2013, Nirvanix stopped offering it cloud services and gave customers only two weeks’ notice to move their data off of their platform.To read this article in full, please click here
0
Secure your SDN controller
Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here
0
Secure your SDN controller
Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here
0
Secure your SDN controller
Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.To read this article in full, please click here
0
Increase your network security: Deploy a honeypot
Have you ever wondered how a hacker breaks into a live system? Would you like to keep any potential attacker occupied so you can gather information about him without the use of a production system? Would you like to immediately detect when an attacker attempts to log into your system or retrieve data? One way to see and do those things is to deploy a honeypot. It’s a system on your network that acts as a decoy and lures potential hackers like bears get lured to honey. Honeypots do not contain any live data or information, but they can contain false information. Also, a honeypot should prevent the intruder from accessing protected areas of your network.To read this article in full or to leave a comment, please click here
0
Increase your network security: Deploy a honeypot
Have you ever wondered how a hacker breaks into a live system? Would you like to keep any potential attacker occupied so you can gather information about him without the use of a production system? Would you like to immediately detect when an attacker attempts to log into your system or retrieve data? One way to see and do those things is to deploy a honeypot. It’s a system on your network that acts as a decoy and lures potential hackers like bears get lured to honey. Honeypots do not contain any live data or information, but they can contain false information. Also, a honeypot should prevent the intruder from accessing protected areas of your network.To read this article in full or to leave a comment, please click here
0
Increase your network security: Deploy a honeypot
Have you ever wondered how a hacker breaks into a live system? Would you like to keep any potential attacker occupied so you can gather information about him without the use of a production system? Would you like to immediately detect when an attacker attempts to log into your system or retrieve data? One way to see and do those things is to deploy a honeypot. It’s a system on your network that acts as a decoy and lures potential hackers like bears get lured to honey. Honeypots do not contain any live data or information, but they can contain false information. Also, a honeypot should prevent the intruder from accessing protected areas of your network.To read this article in full or to leave a comment, please click here