In this episode, host Steve Ragan talks with Engin Akyol, CTO at Distil Networks at the Black Hat 2018 conference, about bot account takeovers and how they can be detected.
As enterprises endeavor to expand domestic and global footprints, agile network infrastructure connectivity across geographies continues to prove an ongoing challenge. In particular, ensuring that data shared over these networks is protected from unauthorized access is a primary directive in today’s evolving cyber threat landscape. These often-contradictory demands call for IT decision makers to invest in innovation that will facilitate network flexibility and agility without compromising security, productivity or performance.This challenge begs a simple question. How can a WAN deliver the flexibility and agility necessary to help an organization grow without increasing exposure to data breaches and other security problems? After all, if the cost of convenience is increased network vulnerabilities, can it be considered a sound approach?To read this article in full, please click here
Network administrators, IT managers and security professionals face a never-ending battle, constantly checking on what exactly is running on their networks and the vulnerabilities that lurk within. While there is a wealth of monitoring utilities available for network mapping and security auditing, nothing beats Nmap's combination of versatility and usability, making it the widely acknowledged de facto standard.What is Nmap?
Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.To read this article in full, please click here
Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business’s web presence goes down.DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.To read this article in full, please click here
Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?L1TF, L1 Terminal Fault, and Foreshadow
The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.To read this article in full, please click here
Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?L1TF, L1 Terminal Fault, and Foreshadow
The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.To read this article in full, please click here
Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.To read this article in full, please click here
Taiwanese chip-making giant Taiwan Semiconductor Manufacturing Co. (TSMC), whose customers include Apple, Nvidia, AMD, Qualcomm, and Broadcom, was hit with a WannaCry infection last weekend that knocked out production for a few days and will cost the firm millions of dollars.Most chip companies are fabless, meaning they don’t make their own chips. It’s a massively expensive process, as Intel has learned. Most, like the aforementioned firms, simply design the chips and farm out the manufacturing process, and TSMC is by far the biggest player in that field.CEO C.C. Wei told Bloomberg that TSMC wasn’t targeted by a hacker; it was an infected production tool provided by an unidentified vendor that was brought into the company. The company is overhauling its procedures after encountering a virus more complex than initially thought, he said.To read this article in full, please click here
Cisco today laid out $2.35 billion in cash and stock for network- identity, authentication and security company Duo.According to Cisco, Duo helps protect organizations against cyber breaches through the company’s cloud-based software that verifies the identity of users and the health of their devices before granting access to applications with the idea of preventing breaches and account takeover.[ Learn who's developing quantum computers.]
A few particulars of the deal include:To read this article in full, please click here
Troy Gill, manager of security research at AppRiver, explains conversation hijacking attacks, or CHAs, with host Steve Ragan, including who is typically targeted and how to prevent them.
Asaf Cidon, vice president of email security at Barracuda Networks, talks with host Steve Ragan about a recent uptick in phishing attacks, including a spike in business email compromise (BEC) attacks.
When selecting VPN routers, small businesses want ones that support the VPN protocols they desire as well as ones that fit their budgets, are easy to use and have good documentation.We looked at five different models from five different vendors: Cisco, D-Link, and DrayTek, Mikrotik and ZyXEL. Our evaluation called for setting up each unit and weighing the relative merits of their price, features and user-friendliness.[ Learn who's developing quantum computers.]
Below is a quick summary of the results:To read this article in full, please click here(Insider Story)
When selecting VPN routers, small businesses want ones that support the VPN protocols they desire as well as ones that fit their budgets, are easy to use and have good documentation.We looked at five different models from five different vendors: Cisco, D-Link, and DrayTek, Mikrotik and ZyXEL. Our evaluation called for setting up each unit and weighing the relative merits of their price, features and user-friendliness.[ Learn who's developing quantum computers.]
Below is a quick summary of the results:To read this article in full, please click here(Insider Story)
As consumer Internet of Things (IoT) devices inevitably find their way into the workplace, IT pros need to isolate them from the rest of the enterprise network, perhaps on a network of their own, so they don’t become backdoors exploitable by attackers, according to the head of the Online Trust Alliance.Jeff Wilbur, the director of the alliance, which is an initiative within the larger Internet Society, says that it is better to embrace employees’ IoT devices and allow them to be used safely than to ban them and risk their unauthorized, unprotected use that could undermine network security.To read this article in full, please click here
Paul Vixie, CEO of Farsight Security, explains how global Internationalized Domain Names, or global IDNs, sparked the emergence of confusingly similar website addresses with nefarious goals -- and how to combat them.