ThreatsHub.org
The network switch vulnerabilities are considered critical and could allow attackers to break network segmentation, exfiltrate data, and escape captive portals. READ MORE HERE…
Learn how supply chains, shadow IT, and other factors are growing the external attack surface—and where you need to defend your enterprise.
The post Discover the anatomy of an external cyberattack surface with new RiskIQ report appeared first on Microsoft Security Blog. READ MORE HERE…
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn’t that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there’s an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we’re told is SASE without SD-WAN. In any event, what happens is that there’s pressure to add this new thing on, and that creates another layer of protection…maybe. Complication and cost? Surely.To read this article in full, please click here READ MORE HERE…
Why is it that over 90% of enterprises tell me that they expect to spend more on security over the next three years, and almost 60% say they expect to spend less on networking? We obviously think that network technology is getting more efficient, more competitive. Why isn’t that the case for security? The short answer is that enterprises have been chasing acronyms and not solutions.Acronym-chasing comes about because by nature, security is hard to plan for. The average network expert finds out there’s an issue because some higher-up reads or hears about a breach. Maybe they do a quick search, and they find out that what they really need is SASE. Or maybe they need SSE, which we’re told is SASE without SD-WAN. In any event, what happens is that there’s pressure to add this new thing on, and that creates another layer of protection…maybe. Complication and cost? Surely.To read this article in full, please click here READ MORE HERE…
Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.The alert did not identify which groups were making the threats, but it did recognize Dragos, Mandiant, Microsoft, Palo Alto Networks and Schneider Electric for helping put together the warning. Dragos has posted a paper about part of the threat.To read this article in full, please click here READ MORE HERE…
Virtualization and cloud vendor VMware this week disclosed eight vulnerabilities in five of its products, and urged users of Workspace ONE Access and all its products that include VMware Identity Manager components to patch immediately.Three of those vulnerabilities were rated critical on the CVSSv3 scale—two of them contain the possibility for remote code execution, while the third would allow a bad actor to bypass VMware’s user authentication systems to execute unauthorized operations.To read this article in full, please click here READ MORE HERE…
Picking just 10 Linux open source security tools isn’t easy, especially when network professionals and security experts have dozens if not several hundred tools available to them.There are different sets of tools for just about every task—network tunneling, sniffing, scanning, mapping. And for every environment—Wi-Fi networks, Web applications, database servers.We consulted a group of experts (Vincent Danen, vice president of product security, RedHat; Casey Bisson, head of product growth, BluBracket; Andrew Schmitt, a member of the BluBracket Security Advisory Panel; and John Hammond, senior security researcher, Huntress) to develop this list of must-have Linux security tools.To read this article in full, please click here READ MORE HERE…
Fortinet has made available a new release of its core FortiOS software that includes features the vendor says will help enterprises more tightly meld security and networking controls.FortiOS 7.2, has 300 new features including AI support to help stop network threats more quickly, sandboxing to help fight ransomware threats, and improved SD-WAN, branch, and edge orchestration.How to choose an edge gateway
FortiOS is the vendor’s operating system for the FortiGate family of hardware and virtual components. FortiOS implements Fortinet Security Fabric and includes network security such as firewalling, access control, and authentication in addition to SD-WAN, switching, and wireless services. To read this article in full, please click here READ MORE HERE…
In a zero-trust environment, trust is not static. Behavior has to be visible for trust to persist.One of the most important differences between old thinking on networking and the zero-trust mindset is the inversion of thinking on trust. Pre-ZT, the assumption was this: Once you get on the network, you are assumed to be allowed to use it any way you want until something extraordinary happens that forces IT to shut you down and remove your access. You are assumed broadly trustworthy, and confirming that status positively is very rare. It is also very rare to have that status revoked.To read this article in full, please click here READ MORE HERE…
Zero trust (ZT) is a mindset and a method, not a technology. The current push to adopt ZT is driven by an urgent and growing need to make a major leap forward in risk management and attack containment in enterprise networks, a need driven home by every successive wave of ransomware. IT can use the urgency of moving to ZT to root out some of the technical debt in the environment. Specifically, it can be a catalyst to find areas exempted from network and network security standards and bring them up to date under the new paradigm of zero trust.No more exempting network components from access-control roles
In a ZT environment, the network not only doesn’t trust a node new to it, but it also doesn’t trust nodes that are already communicating across it. When a node is first seen by a ZT network, the network will require that the node go through some form of authentication and authorization check. Does it have a valid certificate to prove its identity? Is it allowed to be connected where it is based on that identity? Is it running valid software versions, defensive tools, etc.? It must clear that hurdle before being allowed to communicate across the network.To read this article in full, please click here READ MORE HERE…