The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.
Critical infrastructure, industrial control (ICS) and supervisory control and data acquisition (SCADA) systems are under increasing threat of cyber attacks, according to a number of recent warnings from government agencies and private security researchers. CERT-UA (Computer Emergency Response Team of Ukraine) reported a major attack on Ukrainian energy infrastructure last week. Researchers at ESET and…
As technologies advance, and cyber threats with them, deception has become a big part of the 21st century cybersecurity battle. From bank transfer cons to CEO fraud to elaborate phishing and spear phishing campaigns, cyber criminals have been quick to use deception as a major means of infiltrating networks and systems, and for remaining undetected…
SAML is an open standard facilitating the communication and verification of credentials between identity providers and service providers for users everywhere. In 2005, the open standard consortium OASIS released SAML 2.0 to broad appeal. As smart mobile devices boomed, so did the number of web applications and the need to address never-ending logins. SAML was…
The Remote Desktop Protocol (RDP) has long been essential for IT service management and remote access. Still, in the wrong hands, RDP attacks and vulnerabilities related to remote desktop software are a severe threat. Recent years presented a torrent of research showing how vulnerable RDP systems are for organizations not taking additional cybersecurity precautions. Because…
Organizations are under pressure on both the cybersecurity and staffing fronts. They often struggle to fill vital security roles such as security analysts, leaving their data and infrastructure vulnerable to attacks at a time when cyber threats are soaring. One way to alleviate the strain on security operation centers (SOCs) is to reinforce the security…
The U.S. National Security Agency (NSA) released comprehensive network security guidance on March 3, the same day that the Cybersecurity and Infrastructure Security Agency (CISA) released its longest-ever list of exploited vulnerabilities. With organizations around the world on heightened alert in the wake of Russia’s unprovoked war against Ukraine, government agencies have stepped up…
Critical infrastructure security has moved to the forefront of cybersecurity concerns amid the Russian invasion of Ukraine – and in at least one case has led to some pretty unique cybersecurity advice. Despite Russia and the U.S. trading cyber threats – and one disputed NBC News report that outlined possible options presented to U.S. President…
How can a hospital protect an MRI machine with an unchangeable password and still connect it to the network? How can an industrial recycler safely secure its $400,000 hard drive recertification rack with control software that only runs on Windows XP? These are not uncommon risks. The devices themselves can’t be secured, but that doesn’t…
Risk management is a concept that has been around as long as companies have had assets to protect. The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Risk management also extends to physical devices, such as doors and locks to protect homes…
Endpoint security and firewalls are two foundational elements of enterprise security, but with remote work, IoT devices and other technologies expanding the boundaries of the network edge, centralized management and response tools increasingly have become a core security component too. These central management tools – SIEM (security information and event management), SOAR (security orchestration, automation…