Nmap, short for Network Mapper, is a free and open source tool used for vulnerability checking, port scanning and, of course, network mapping. Despite being created back in 1997, Nmap remains the gold standard against which all other similar tools, either commercial or open source, are judged. Nmap has maintained its preeminence because of the large community of developers and coders who help to maintain and update it. The Nmap community reports that the tool, which anyone can get for free, is downloaded several thousand times every week.
The U.S. Cybersecurity and Infrastructure Agency issues emergency security directive over VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973, which threat actors are likely to exploit.
The increased deployment of core business applications in the cloud and the shift to remote work brought on by the pandemic have obliterated any notion of the traditional “corporate moat” style of security. Today’s hybrid workplace, where employees are on the road, working from home and maybe visiting the office once or twice a week, has forced network and security teams to adopt a more flexible approach to managing the network, identities, and authentication. Zero Trust Network Access (ZTNA) has emerged as the preferred approach to address today’s security challenges. The concept is relatively simple: Instead of building a layered perimeter defense of firewalls, IDS/IPSes and anti-virus software, Zero Trust assumes that every user or device is untrusted until it becomes sufficiently verified.
Google Cloud is rolling out new security services designed to address enterprise challenges including securing open-source software and accelerating the adoption of zero-trust architectures. At its annual Google Cloud Security Summit, the company said it's building on its Invisible Security effort, which promises to bake security into tools and services that enterprises and other customers use most. One example is a new service called Assured Open Source Software (Assured OSS), which is aimed at making it easier for organizations to securely manage their open-source dependencies. "Today patching security vulnerabilities in open source software often feels like a high-stakes game of whack-a-mole: fix one, and two more pop up," wrote Sunil Potti, vice president and general manager of Google Cloud Security, in a blog about the new services. "This helps explain research done by Sonatype software that shows that there’s a 650% year-over-year increase in cyberattacks aimed at open source software (OSS) suppliers."
It's a war zone out there. In the seemingly endless game of cyber cat and mouse, accurate intelligence remains the best tool for beating attackers at their own game. Here's an analysis of today's six top network threats and tips for how to identify and quash them.
1. Ransomware
Ransomware is easily the greatest network threat, since it gives attackers the biggest bang for the buck with a relatively low probability of getting caught. "There's also a low bar in the skill category to break into this sort of thing," says Andy Rogers, a senior assessor at cybersecurity and compliance firm Schellman. "There are plenty of Ransomware-as-a-Service (RaaS) businesses that will be more than willing to ensure you have the tools you need to unleash a ransomware campaign."
Intel is betting that future data-center operations will depend on increasingly powerful servers running ASIC-based, programmable CPUs, and its wager rides on the development of infrastructure processing units (IPU), which are Intel’s programmable networking devices designed to reduce overhead and free up performance for CPUs.
Data management specialist Cohesity is launching a new data isolation and recovery tool called FortKnox, in a bid to help customers protect their data from ransomware attacks. FortKnox provides an additional layer of off-site protection for customers by keeping data in a secure ‘vault,’ with physical separation, network and management isolation to keep threat actors from accessing sensitive data. An object lock requires a minimum of two or more people to approve critical actions, such as changes of vault policy, and access can be managed using granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest.
Multiple vulnerabilities have been discovered in Cisco's Enterprise NFV Infrastructure Software (NFVIS). The worst of the vulnerabilities could let an attacker escape from the guest virtual machine (VM) to the host machine, Cisco disclosed. The other two problems involve letting a bad actor inject commands that execute at the root level and allowing a remote attacker to leak system data from the host to the VM. NFVIS is Linux-based infrastructure software designed to help enterprises and service providers to deploy virtualized network functions, such as a virtual router, firewall and WAN acceleration, Cisco stated.
Dell is offering an expanded ecosystem of multicloud data management tools for its customers with a focus on data recovery services, adding recovery vault support for on-premises as well as public cloud assets. "Our customers want help reducing complexity and are seeking solutions that use a common approach to managing data wherever it lives — from public clouds, to the data center, to the edge," said Chuck Whitten, co-chief operating officer, Dell Technologies, in a statement. "We are building a portfolio of software and services that simplifies on-premises and multicloud environments and offers."
Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company’s engineers and the lengths they had to go to find and fix the problems. The outage was the result of a series of unfortunate internal errors by Atlassian’s own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes’ worth of data transactions, and the vast majority of customers didn’t see any downtime whatsoever.
Cisco is encouraging users of its popular Catalyst 2960X/2960XR switches to upgrade their IOS operating systems in an effort to combat counterfeiting. Because of the pervasiveness of these switches on the gray market, it’s imperative that customers enable the latest software release – IOS release 15.2(7)E4 or later – to validate the authenticity, security, and performance of their Catalyst 2960X/2960XR 24/48 port Gigabit Ethernet switches, Cisco stated in a notice to customers.
The network switch vulnerabilities are considered critical and could allow attackers to break network segmentation, exfiltrate data, and escape captive portals.
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn’t that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions. Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there’s an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we’re told is SASE without SD-WAN. In any event, what happens is that there’s pressure to add this new thing on, and that creates another layer of protection...maybe. Complication and cost? Surely.
Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools. The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems. The alert did not identify which groups were making the threats, but it did recognize Dragos, Mandiant, Microsoft, Palo Alto Networks and Schneider Electric for helping put together the warning. Dragos has posted a paper about part of the threat.
Disaster Recovery as a Service (DRaaS) provides data replication, hosting, and recovery services from the cloud in the event of a disaster, power outage, ransomware attack, or other business interruption. DRaaS backs up data, applications, and IT infrastructure to the cloud, with providers typically having geographically dispersed data center footprints. In the event of a disaster, the business will fail over to the DRaaS provider’s data center in a different region. As opposed to traditional disaster recovery methods, which require businesses to operate an off-site DR facility, DRaaS shifts that burden to service providers, and, thus, expands the market beyond the large enterprises that could afford such capital-intensive setups.
Cisco has tweaked its flagship SD-WAN software package to increase customer application flexibility and improve visibility into the performance of distributed resources. The company announced Cisco SD-WAN release 17.8, which adds support for new business and customized cloud applications, analytics and security features.
Specifically, the company upgraded the SD-WAN Cloud OnRamp for SaaS service, which links branch offices or individual remote users to cloud applications such as Cisco’s Webex, Microsoft 365, AWS, Google, Oracle, Salesforce and more.
Virtualization and cloud vendor VMware this week disclosed eight vulnerabilities in five of its products, and urged users of Workspace ONE Access and all its products that include VMware Identity Manager components to patch immediately. Three of those vulnerabilities were rated critical on the CVSSv3 scale—two of them contain the possibility for remote code execution, while the third would allow a bad actor to bypass VMware’s user authentication systems to execute unauthorized operations.
Picking just 10 Linux open source security tools isn’t easy, especially when network professionals and security experts have dozens if not several hundred tools available to them. There are different sets of tools for just about every task—network tunneling, sniffing, scanning, mapping. And for every environment—Wi-Fi networks, Web applications, database servers. We consulted a group of experts (Vincent Danen, vice president of product security, RedHat; Casey Bisson, head of product growth, BluBracket; Andrew Schmitt, a member of the BluBracket Security Advisory Panel; and John Hammond, senior security researcher, Huntress) to develop this list of must-have Linux security tools.