NEWS: NETWORK WORLD SECURITY
Setup News Ticker
   NEWS: NETWORK WORLD SECURITY
Network World Security
Nov 15, 2019

IoT in 2020: The awkward teenage years
Much of the hyperbole around the Internet of Things isn't really hyperbole anymore - the instrumentation of everything from cars to combine harvesters to factories is just a fact of life these days. IoT's here to stay.

Yet despite the explosive growth - one widely cited prediction from Gartner says that the number of enterprise and automotive IoT endpoints will reach 5.8 billion in 2020 - the IoT market's ability to address its known flaws and complications has progressed at a far more pedestrian pace. That means ongoing security woes and a lack of complete solutions are most of what can be safely predicted for the coming year.

To read this article in full, please click here



Network World Security
Nov 14, 2019

Balancing patient security with healthcare innovation | TECH(talk)
Healthcare organizations are one of the most targeted verticals when it comes to cyberattacks. While those organizations must work to secure patients' sensitive data, it can also be helpful to analyze that data to improve patient outcomes. Jason James, CIO of Net Health, joins Juliet to discuss why attackers target healthcare organizations, Google's Project Nightingale and what it means for a tech giant to have access to the medical data of millions of people.

Network World Security
Nov 13, 2019

Red Hat Responds to Zombieload v2
Three Common Vulnerabilities and Exposures (CVEs) opened yesterday track three flaws in certain Intel processors, which, if exploited, can put sensitive data at risk.

Of the flaws reported, the newly discovered Intel processor flaw is a variant of the Zombieload attack discovered earlier this year and is only known to affect Intel's Cascade Lake chips.

[Get regularly scheduled insights by signing up for Network World newsletters.] Red Hat strongly suggests that all Red Hat systems be updated even if they do not believe their configuration poses a direct threat, and it is providing resources to their customers and to the enterprise IT community.

To read this article in full, please click here



Network World Security
Nov 13, 2019

Get 70% off NordVPN Virtual Private Network Service 3 months free - Deal Alert
Safeguard yourself against snoops, and access blocked content with this no-log VPN service. NordVPN has discounted their popular VPN software 70%, with 3 extra months on top. Use our link and see the discount applied when you click "buy now".

Network World Security
Nov 12, 2019

SASE is more than a buzzword for BioIVT
It seems the latest buzzword coming from those analysts at Gartner is SASE (pronounced "sassy"), which stands for "Secure Access Service Edge." Network World has published several articles recently to explain what SASE is (and perhaps isn't). See Matt Conran's The evolution to Secure Access Service Edge (SASE) is being driven by necessity as well as Zeus Kerravala's article How SD-WAN is evolving into Secure Access Service Edge.

To read this article in full, please click here



Network World Security
Nov 07, 2019

How to harden web browsers against cyberattacks
Use these techniques to limit attackers' ability to compromise systems and websites.

Network World Security
Nov 07, 2019

Printers: The overlooked security threat in your enterprise | TECHtalk
Printers, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online's J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network.

Network World Security
Nov 06, 2019

Cisco Meraki ups security with new switch, software
Cisco Meraki has introduced new hardware and software the company says will help customers more effectively support and secure a wide variety of distributed network resources.

The new products, which include a raft of new security features as well a new class of switches and a cellular gateway will help Meraki address customers who perhaps don't have the IT expertise nor staffing to support the increasing number of devices that need to be managed, said Lawrence Huang, vice president of product management at Cisco Meraki.

Network pros react to new Cisco certification curriculum "Threat vectors are evolving and the way customers need to protect themselves need to evolve as well - how customers support applications and IoT devices exemplify the idea its not just one perimeter that needs protecting but a collection of micorperimenters," Huang said.

To read this article in full, please click here



Network World Security
Nov 05, 2019

Boeing's insecure networks threaten security and safety
Aircraft manufacturer Boeing's insecure networks leave the company--and potentially its aircraft--at risk of exploitation. Security researcher Chris Kubecka uncovered these threats in April, and new reporting by CSO's J.M. Porup reveals little has been done to patch these vulnerabilities. They both join Juliet to discuss how Kubecka discovered this information and what it means for national security and passenger safety.

Network World Security
Nov 05, 2019

Boeing's unsecure networks threaten security and safety
Aircraft manufacturer Boeing's unsecure networks leave the company--and potentially its aircraft--at risk of exploitation. Security researcher Chris Kubecka uncovered these threats in April, and new reporting by CSO's J.M. Porup reveals little has been done to patch these vulnerabilities. They both join Juliet to discuss how Kubecka discovered this information and what it means for national security and passenger safety.

Network World Security
Nov 05, 2019

VMware amps security with in-house, Carbon Black technology
VMware is moving quickly to meld its recently purchased Carbon Black technology across its product lines with an eye toward helping users protect their distributed enterprises.

VMware just closed the $2.1 billion buy of cloud-native endpoint-security vendor Carbon Black in October and in the process created a new security business unit that will target cybersecurity and analytics to protect networked enterprise resources.

More about edge networking

To read this article in full, please click here



Network World Security
Nov 04, 2019

A VPN service that gets around the Great Firewall of China legally
The saying goes that China is the world's factory. For many companies around the world, their products or components of their products are produced in mainland China. At the same time, China's population of more than a billion people makes it one of the world's largest consumer markets. Thus, for either production or sales, many companies want to do business in China and have established facilities there.

On the networking front, this means that multinational companies need to extend their wide area network into China to support their large or rapidly growing operations—and that's easier said than done.

[Get regularly scheduled insights by signing up for Network World newsletters.] Many organizations had done this using VPNs, but in early 2018, the Chinese government placed restrictions on IPsec traffic to basically block it from going in and out of the country. The Ministry of Industry and Information Technology (MIIT) said these restrictions are in accordance with the China Cross-border Data Telecommunications Industry Alliance (CDTIA), which was created to regulate cross-border data communication.

To read this article in full, please click here



Network World Security
Nov 04, 2019

An SD-WAN service that gets around the Great Firewall of China legally
The saying goes that China is the world's factory. For many companies around the world, their products or components of their products are produced in mainland China. At the same time, China's population of more than a billion people makes it one of the world's largest consumer markets. Thus, for either production or sales, many companies want to do business in China and have established facilities there.

On the networking front, this means that multinational companies need to extend their wide area network into China to support their large or rapidly growing operations—and that's easier said than done.

[Get regularly scheduled insights by signing up for Network World newsletters.] Many organizations had done this using VPNs, but in early 2018, the Chinese government placed restrictions on IPsec traffic to basically block it from going in and out of the country. The Ministry of Industry and Information Technology (MIIT) said these restrictions are in accordance with the China Cross-border Data Telecommunications Industry Alliance (CDTIA), which was created to regulate cross-border data communication.

To read this article in full, please click here



Network World Security
Oct 30, 2019

IoT roundup: Carriers expand NB-IoT, Congress eyes IoT security …
A powerful IoT networking technology used by the major carriers continues to gain ground, Congress makes noise about training and a prominent researcher warns of security trouble ahead.

Network World Security
Oct 30, 2019

How to and why you should disable LLMNR with Windows Server
Link-Local Multicast Name Resolution could enable a man-in-the-middle attack, so it's best to disable the protocol when setting up Windows Server 2019.

Network World Security
Oct 28, 2019

How SD-WAN is evolving into Secure Access Service Edge
SASE, pronounced "sassy," stands for secure access service edge, and it's being positioned by Gartner as the next big thing in enterprise networking. The technology category, which Gartner and other network experts first introduced earlier this year, converges the WAN edge and network security into a cloud-based, as-a-service delivery model. According to Gartner, the convergence is driven by customer demands for simplicity, scalability, flexibility, low latency, and pervasive security.

SASE brings together security and networking A SASE implementation requires a comprehensive technology portfolio that only a few vendors can currently deliver. The technology is still in its infancy, with less than 1% adoption. There are a handful of existing SD-WAN providers, including Cato Networks, Juniper, Fortinet and Versa, that are expected to compete in the emerging SASE market. There will be other SD-WAN vendors jumping on this wagon, and the industry is likely to see another wave of startups. 

To read this article in full, please click here



Network World Security
Oct 28, 2019

IoT roundup: Carriers expand NB-IoT footprints, Congress eyes security bill, and 'IT asbestos' looms
The major U.S. mobile carriers are eager participants in the rise of IoT, and it's tough to argue that they don't have a major role to play - the ability to connect largely anywhere, coupled with the ability to handle high-throughput applications, means that cellular data can be an attractive option for the connectivity piece of an IoT deployment.

AT&T announced a deal with Vodafone last week to interconnect their respective narrow-band IoT networks across the Atlantic, mating AT&T's U.S. coverage with Vodafone's in western Europe. That means that businesses with NB-IoT deployments in those areas can use that single network to connect their entire implementation. Not to be outdone, Sprint announced that it, too, is rolling out NB-IoT on its Curiosity IoT platform. Sprint shared its plans during a panel discussion at Mobile World Congress in Los Angeles last week.

To read this article in full, please click here



Network World Security
Oct 28, 2019

IoT roundup: VMware, Nokia beef up their IoT
The major U.S. mobile carriers are eager participants in the rise of IoT, and it's tough to argue that they don't have a major role to play - the ability to connect largely anywhere, coupled with the ability to handle high-throughput applications, means that cellular data can be an attractive option for the connectivity piece of an IoT deployment.

AT&T announced a deal with Vodafone last week to interconnect their respective narrow-band IoT networks across the Atlantic, mating AT&T's U.S. coverage with Vodafone's in western Europe. That means that businesses with NB-IoT deployments in those areas can use that single network to connect their entire implementation. Not to be outdone, Sprint announced that it, too, is rolling out NB-IoT on its Curiosity IoT platform. Sprint shared its plans during a panel discussion at Mobile World Congress in Los Angeles last week.

To read this article in full, please click here



Network World Security
Oct 24, 2019

Gartner crystal ball: Looking beyond 2020 at the top IT-changing technologies
ORLANDO -  Forecasting long-range IT technology trends is a little herding cats - things can get a little crazy.

But Gartner analysts have specialized in looking forwardth, boasting an 80 percent  accuracy rate over the years, Daryl Plummer, distinguished vice president and Gartner Fellow told the IT crowd at this year's IT Symposium/XPO.  Some of those successful prediction have included the rise of automation, robotics, AI technology  and other ongoing trends.

Now see how AI can boost data-center availability and efficiency Like some of the other predictions Gartner has made at this event, this year's package of predictions for 2020 and beyond is heavily weighted toward the human side of technology rather than technology itself. 

To read this article in full, please click here



Network World Security
Oct 23, 2019

How to double-check permissions post migration from Windows 7
It pays to make sure all permissions in your Windows environment are correct after migrating from Windows 7 or Server 2008 R2. Here's how to check.

Network World Security
Oct 22, 2019

Cisco issues critical security warning for IOS XE REST API container
Cisco this week said it issued a software update to address a vulnerability in its Cisco REST API virtual service container for Cisco IOS XE software that scored a critical 10 out of 10 on the Common Vulnerability Scoring System (CVSS) system.

With the vulnerability an attacker could submit malicious HTTP requests to the targeted device and if successful, obtain the token-id of an authenticated user. This token-id could be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container on the affected Cisco IOS XE device, the company said.

To read this article in full, please click here



Network World Security
Oct 22, 2019

Your best defense against insider threats | TECH(talk)
When employees are your weakest link, companies must have programs in place to prevent them from accidentally or intentionally putting the organization at risk. Watch as TECHtalk hosts Ken Mingis and Juliet Beauchamp discuss various options with CSO's Lucian Constantin.

Network World Security
Oct 21, 2019

Train to be a certified cyber security professional for just $39
Cyber crime is responsible for a staggering amount of damage and chaos around the world. Want to be a part of the solution? Then train for a career in this demanding field with The A to Z Cyber Security and IT Certification Training Bundle.

This e-training bundle is perfect for anyone who has an interest in putting a stop to cyber crime. It includes twelve courses that'll introduce students to ethical hacking methods, show them how to test a network for weaknesses, and identify problems so they can be fixed prior to being exploited. It's fast, flexible, and you can even apply your training in preparation for several certification exams

To read this article in full, please click here



Network World Security
Oct 16, 2019

Microsoft's Windows, Office 365 advice for secure elections
Microsoft has issued guidance and offered resources to help election officials and candidate campaigns to better protect their Windows and Office 365 systems.

Network World Security
Oct 11, 2019

Can microsegmentation help IoT security?
The Internet of Things (IoT) promises some big benefits for organizations, such as greater insights about the performance of corporate assets and finished products, improved manufacturing processes, and better customer services. The nagging security issues related to IoT, unfortunately, remain a huge concern for companies and in some cases might be keeping them from moving forward with initiatives. One possible solution to at least some of the security risks of IoT is microsegmentation, a  concept in networking that experts say could help keep IoT environments under control.

To read this article in full, please click here

(Insider Story)

Network World Security
Oct 10, 2019

VMware builds security unit around Carbon Black tech
VMware has wrapped up its $2.1 billion buy of cloud-native endpoint-security vendor Carbon Black and in the process created a new security business unit that will target cybersecurity and analytics to protect networked enterprise resources.

When VMware announced the acquisition in August, its CEO Pat Gelsinger said he expected Carbon Black technology to be integrated across VMware's product families such as NSX networking software and vSphere, VMware's flagship virtualization platform. "Security is broken and fundamentally customers want a different answer in the security space. We think this move will be an opportunity for major disruption," he said. 

To read this article in full, please click here



Network World Security
Oct 08, 2019

Top enterprise VPN vulnerabilities
Don't assume VPNs are always safe. These popular enterprise VPNs all have known remote code execution vulnerabilities.

Network World Security
Oct 02, 2019

How to safely erase data under Windows
Bitlocker and self-encrypting hard drives can make it easier to erase data so that it cannot be recovered. This is how the "crypto-erase" method works.

Network World Security
Sep 30, 2019

IoT roundup: Security holes abound, GE Digital makes noise and more
This week, we look at IoT security holes -- both usual and unusual -- an IIoT player makes a move, and mergers and partnerships worth noting.

Network World Security
Sep 26, 2019

Cisco: 13 IOS, IOS XE security flaws you should patch now
Cisco this week warned its IOS and IOS XE customers of 13 vulnerabilities in the operating system software they should patch as soon as possible.

All of the vulnerabilities - revealed in the company's semiannual IOS and IOS XE Software Security Advisory Bundle - have a security impact rating (SIR) of "high". Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access to, conduct a command injection attack on, or cause a denial of service (DoS) condition on an affected device, Cisco stated. 

"How to determine if Wi-Fi 6 is right for you" Two of the vulnerabilities affect both Cisco IOS Software and Cisco IOS XE Software. Two others affect Cisco IOS Software, and eight of the vulnerabilities affect Cisco IOS XE Software. The final one affects the Cisco IOx application environment. Cisco has confirmed that none of the vulnerabilities affect Cisco IOS XR Software or Cisco NX-OS Software.  Cisco has released software updates that address these problems.

To read this article in full, please click here



Network World Security
Sep 25, 2019

How to move users to the Outlook app with Intune
Microsoft is turning off basic authentication, so it's wise to move mobile users to the Outlook app to better protect them from attackers.

Network World Security
Sep 18, 2019

How to monitor Windows to prevent credential theft attacks
Attackers are now enabling WDigest credential caching to allow them to harvest credentials. Here's how to spot it.

Network World Security
Sep 17, 2019

All about U.S. tech antitrust investigations | TECH(feed)
Four large tech companies -- Apple, Amazon, Google and Facebook are under investigation in the U.S. for allegedly anticompetitive behavior. These antitrust investigations on both the federal and state levels are aimed at uncovering the practices these companies engage in to eliminate competition. In this episode of TECH(feed), Juliet discusses the House investigation into big tech and how Congress plans to investigate potential wrongdoing by these companies.

Network World Security
Sep 17, 2019

Review: Blue Hexagon may make you rethink perimeter security
This fully functional, fully trained cybersecurity tool is ready on day 1 to spot threats on whatever network it's charged with protecting.

Network World Security
Sep 13, 2019

Shining light on dark data, shadow IT and shadow IoT
What's lurking in the shadows of YOUR organization? What you don't know can hurt you. Insider Pro columnist Mike Elgan looks at how your business is at risk and offers six steps to minimize it.

Network World Security
Sep 11, 2019

To secure industrial IoT, use segmentation instead of firewalls
The internet of things (IoT) has been top of mind for network and security professionals for the better part of the past five years. This has been particularly true for the area of industrial IoT (IIoT). Connected industrial devices are nothing new, but most IT people aren't familiar with them because they have been managed by operational technology (OT) teams. More and more, though, business leaders want to bring OT and IT together to drive better insights from the combined data set.

While there are many advantages to merging IT and OT and having IIoT fall under IT ownership, it has a profound impact on the cybersecurity team because it introduces several new security threats. Each connected endpoint, if breached, creates a backdoor into the other systems.

To read this article in full, please click here



Network World Security
Sep 11, 2019

How to set up Microsoft Teams for security and compliance
These are the security and compliance decisions you need to make when deploying Microsoft Teams.

Network World Security
Sep 06, 2019

How the California Consumer Privacy Act (CCPA) will affect you and your business | TECH(talk)
The California Consumer Privacy Act (CCPA) is, in some ways, similar to Europe's GDPR. This rule, which goes into effect in 2020, gives individual users more ownership over their own data. Users can even refuse to allow companies to sell their online data. As the compliance deadline approaches, CSO Online contributor Maria Kolokov and senior editor Michael Nadeau discuss with Juliet how CCPA may shift business models, change online behavior and reveal where exactly our data has been. Some tech companies, like Google, are even trying to exempt themselves from regulation. Failure to adhere to the rule could be an "extinction level" event.

Network World Security
Sep 06, 2019

HPE's vision for the intelligent edge
It's not just speeds and feeds anymore, it's intelligent software, integrated security and automation that will drive the networks of the future.

That about sums up the networking areas that Keerti Melkote, HPE's President, Intelligent Edge, thinks are ripe for innovation in the next few years.He has a broad perspective because his role puts him in charge of the company's networking products, both wired and wireless.

Now see how AI can boost data-center availability and efficiency "On the wired side, we are seeing an evolution in terms of manageability," said Melkote, who founded Aruba, now part of HPE. "I think the last couple of decades of wired networking have been about faster connectivity. How do you go from a 10G to 100G Ethernet inside data centers? That will continue, but the bigger picture that we're beginning to see is really around automation." 

To read this article in full, please click here



Network World Security
Sep 05, 2019

FTC fines YouTube, but do fines really encourage change? | TECH(feed)
The FTC hit yet another tech company with a seemingly massive fine for mishandling user data. This time, YouTube, owned by Google, is forced to pay $170 million for collecting data about children under 13 without parental consent. The Federal Trade Commission slapped Facebook with a $5 billion fine just a few months ago. In this episode of TECH(feed), Juliet asks whether or not these fines are effective in regulating the tech industry.

Network World Security
Sep 05, 2019

Exploit found in Supermicro motherboards could allow for remote hijacking
A security group discovered a vulnerability in three models of Supermicro motherboards that could allow an attacker to remotely commandeer the server. Fortunately, a fix is already available.

Eclypsium, which specializes in firmware security, announced in its blog that it had found a set of flaws in the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11.

[ Also see: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ] BMCs are designed to permit administrators remote access to the computer so they can do maintenance and other updates, such as firmware and operating system patches. It's meant to be a secure port into the computer while at the same time walled off from the rest of the server.

To read this article in full, please click here



Network World Security
Sep 05, 2019

Flaw found in Supermicro motherboards could allow for remote hijacking
A security group discovered a vulnerability in three models of Supermicro motherboards that could allow an attacker to remotely commandeer the server. Fortunately, a fix is already available.

Eclypsium, which specializes in firmware security, announced in its blog that it had found a set of flaws in the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11.

[ Also see: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ] BMCs are designed to permit administrators remote access to the computer so they can do maintenance and other updates, such as firmware and operating system patches. It's meant to be a secure port into the computer while at the same time walled off from the rest of the server.

To read this article in full, please click here



Network World Security
Sep 04, 2019

How to disable basic or legacy authentication to set up MFA in Office 365
Microsoft recommends setting up multi-factor authentication in Windows 10 for better security, but you have to disable basic or legacy authentication first.

Network World Security
Sep 03, 2019

IoT security essentials: Physical, network, software
Even in the planning stages of a deployment, IoT security is one of the chief stumbling blocks to successful adoption of the technology.

And while the problem is vastly complicated, there are three key angles to think about when laying out how IoT sensors will be deployed in any given setup: How secure are the device themselves, how many are there and can they receive security patches.

Physical access Physical access is an important but, generally, straightforward consideration for traditional IT security. Data centers can be carefully secured, and routers and switches are often located in places where they're either difficult to fiddle with discreetly or difficult to access in the first place.

To read this article in full, please click here



Network World Security
Aug 29, 2019

3 leading network access control products reviewed
Real IT users evaluate network access control solutions: Cisco Identity Services Engine, Aruba ClearPass and ForeScout CounterACT. (Download the 27-page comparison.)

Network World Security
Aug 28, 2019

What is phishing? Learn how this attack works
Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about this increasingly sophisticated form of cyberattack.

Network World Security
Aug 26, 2019

Top 5 IoT networking security mistakes
Even though Brother International is a supplier of many  IT products, from machine tools to head-mounted displays to industrial sewing machines, it's best known for printers. And in today's world, those printers are no longer stand-alone devices, but components of the internet of things.

That's why I was interested in this list from Robert Burnett, Brother's director, B2B product & solution - basically, the company's point man for large customer implementations. Not surprisingly, Burnett focuses on IoT security mistakes related to printers and also shares Brother's recommendations for dealing with the top five.

To read this article in full, please click here



Network World Security
Aug 23, 2019

VMware spends $4.8B to grab Pivotal, Carbon Black to secure, develop integrated cloud world
All things cloud are major topics of conversation at the VMworld user conference next week, ratcheded up a notch by VMware's $4.8 billion plans to acquire cloud development firm Pivotal and security provider Carbon Black.

VMware said during its quarterly financial call this week it would spend about $2.7 billion on Pivotal and its Cloud Foundry hybrid cloud development technology, and about $2.1 billion for the security technology of Carbon Black, which includes its Predictive Security Cloud and other endpoint-security software.  Both amounts represent the enterprise value of the deals the actual purchase prices will vary, experts said.

To read this article in full, please click here



Network World Security
Aug 22, 2019

VMware spends $4.2B to grab Pivotal, Carbon Black to secure, develop integrated cloud world
All things cloud are certain to be major topics next week at the VMworld user conference, but VMware took things up a notch with plans to spend $4.2 billion to acquire cloud-development firm Pivotal, and security provider Carbon Black.

During its quarterly financial call VMware said it would spend about $2.7 billion on Pivotal and its Cloud Foundry hybrid cloud development technology and another $2.1 billion for Carbon Black, which includes its Predictive Security Cloud offering and other endpoint-security software.

[ Check out What is hybrid cloud computing and learn what you need to know about multi-cloud. | Get regularly scheduled insights by signing up for Network World newsletters. ] VMware had deep relationships with both companies. Carbon Black technology is part of VMware's AppDefense end point security product. Pivotal has a deeper relationship in that VMware and Dell, VMware's parent company spun out Pivotal in 2013.

To read this article in full, please click here



Network World Security
Aug 22, 2019

Texas ransomware attacks: to pay or not to pay? | TECH(feed)
Nearly two dozen cities in Texas have been hit by a ransomware attack executed by a single threat actor. These attacks beg the question: Is it ever worth it to pay a cyber attacker's ransom? In this episode of TECH(feed), Juliet discusses the pattern of ransomware attacks on local governments, how municipalities have responded and how to prevent a ransomware attack in the first place.

Network World Security
Aug 22, 2019

Don't worry about shadow IT. Shadow IoT is much worse.
For years, IT departments have been railing about the dangers of shadow IT and bring-your-own-device. The worry is that these unauthorized practices bring risks to corporate systems, introducing new vulnerabilities and increasing the attack surface.

That may be true, but it's not the whole story. As I've long argued, shadow IT may increase risks, but it can also cut costs, boost productivity and speed innovation. That's why users are often so eager to circumvent what they see as slow and conservative IT departments by adopting increasingly powerful and affordable consumer and cloud-based alternatives, with or without the blessing of the powers that be. Just as important, there's plenty of evidence of that enlightened IT departments should work to leverage those new approaches to serve their internal customers in a more agile manner.

To read this article in full, please click here



Network World Security
Aug 21, 2019

Cisco: 6 critical security alarms for UCS software, small-biz routers
Cisco today warned its Unified Computing System (UCS) customers about four critical fixes they need to make to stop nefarious agents from taking over or attacking their systems.The problems all have a severity rating of 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS).

The critical bugs are found in the Cisco UCS Director and UCS Director Express for Big Data packages.

To read this article in full, please click here



Network World Security
Aug 21, 2019

How to avoid using RDP in Windows
Several new vulnerability disclosures in Windows Remote Desktop Protocol suggest it's time to stop using it. Here's how.

Network World Security
Aug 16, 2019

Get ready for the convergence of IT and OT networking and security
Most IT networking professionals are so busy with their day-to-day responsibilities that they don't have time to consider taking on more work. But for companies with an industrial component, there's an elephant in the room that is clamoring for attention. I'm talking about the increasingly common convergence of IT and operational technology (OT) networking and security.

Traditionally, IT and OT have had very separate roles in an organization. IT is typically tasked with moving data between computers and humans, whereas OT is tasked with moving data between "things," such as sensors, actuators, smart machines, and other devices to enhance manufacturing and industrial processes. Not only were the roles for IT and OT completely separate, but their technologies and networks were, too.

To read this article in full, please click here



Network World Security
Aug 12, 2019

How SD-Branch addresses today's network security concerns
Secure software-defined WAN (SD-WAN) has become one of the hottest new technologies, with some reports claiming that 85% of companies are actively considering SD-WAN to improve cloud-based application performance, replace expensive and inflexible fixed WAN connections, and increase security.

But now the industry is shifting to software-defined branch (SD-Branch), which is broader than SD-WAN but introduced several new things for organizations to consider, including better security for new digital technologies. To understand what's required in this new solution set, I recently sat down with John Maddison, Fortinet's executive vice president of products and solutions.

To read this article in full, please click here



Network World Security
Aug 07, 2019

How to set up Edge Chromium security options
Edge Chromium can provide more protection for organizations that use older versions of Windows.

Network World Security
Aug 06, 2019

Microsoft finds Russia-backed attacks that exploit IoT devices
The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia's GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company's security response center issued Monday.

Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices - a VoIP phone, a video decoder and a printer (the company declined to specify the brands) - and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer's default password, and the other one hadn't had the latest security patch applied.

To read this article in full, please click here



Network World Security
Aug 05, 2019

Is your enterprise software committing security malpractice?
Back when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that's nothing compared to what enterprise security, analytics, and hardware management tools are doing.

An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer's network. The company issued a report and warning last week.

ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, "ExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises."

To read this article in full, please click here



Network World Security
Aug 01, 2019

Black Hat 2019 and DEF CON 27: What to expect at hacker summer camp | TECH(talk)
Every year, thousands of hackers arrive in Las Vegas for three large security conferences -- DEF CON, Black Hat and Bsides Las Vegas -- taking place from Monday through Sunday next week. CSO Online's J.M. Porup chats with Juliet about what to expect at the conferences' sessions and what he's looking forward to.

Network World Security
Aug 01, 2019

Cisco pays $8.6M to settle security-software whistleblower lawsuit
Cisco has agreed to pay $8.6 million to settle claims it sold video security software that had a vulnerability that could have opened federal, state and local government agencies to hackers.

Under terms of the settlement Cisco will pay $2.6 million to the federal government and up to $6 million to 15 states, certain cities and other entities that purchased the product. The states that settled with Cisco are California, Delaware, Florida, Hawaii, Illinois, Indiana, Minnesota, Nevada, New Jersey, New Mexico, New York, North Carolina, Tennessee, Massachusetts and Virginia.

RELATED: A conversation with a white hat hacker According to Cisco, the software, which was sold between 2008 and 2014 was created by Broadware, a company Cisco bought in 2007 for its surveillance video technology and ultimately named it Video Surveillance Manager.

To read this article in full, please click here



Network World Security
Jul 31, 2019

The latest large-scale data breach: Capital One | TECH(feed)
Just a few days after Equifax settled with the FTC over its 2017 data breach, Capital One announced it was the target of a March attack. Identifying information and bank account numbers are among some of the data breached in the attack that affects 100 million people. A software engineer is behind the attack and is awaiting a hearing. In this episode of TECH(feed), Juliet discusses the consequences of the attack and how to find out if you've been affected.

Network World Security
Jul 31, 2019

Remote code execution is possible by exploiting flaws in Vxworks
Eleven zero-day vulnerabilities in WindRiver's VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis.

Six of the vulnerabilities could enable remote attackers to access unpatched systems without any user interaction, even through a firewall according to Armis.

About IoT:

What is the IoT? How the internet of things works What is edge computing and how it's changing the network Most powerful Internet of Things companies 10 Hot IoT startups to watch The 6 ways to make money in IoT What is digital twin technology? [and why it matters] Blockchain, service-centric networking key to IoT success Getting grounded in IoT networking and security

Network World Security
Jul 31, 2019

How an attacker can target phishing attacks
There are a number of ways attackers can exploit public information about your organization's employees. CSO Online's Susan Bradley walks through how an attacker can gain access to your organization's Office 365 accounts and how you can protect your enterprise from these potential attacks.

Network World Security
Jul 30, 2019

The role of next-gen firewalls in an evolving security architecture
As the commercial enterprise firewall approaches its 30th birthday, it is hard to overstate how dramatically the product has evolved. This 2,700-word research report looks the current state of next-generation firewall technology.

Network World Security
Jul 24, 2019

Reports: As the IoT grows, so do its threats to DNS
The internet of things is shaping up to be a more significant threat to the Domain Name System through larger IoT botnets, unintentional adverse effects of IoT-software updates and the continuing development of bot-herding software.

The Internet Corporation for Assigned Names and Numbers (ICANN) and IBM's X-Force security researchers have recently issued reports outlining the interplay between DNS and IoT that includes warnings about the pressure IoT botnets will put on the availability of DNS systems.

More about DNS:

DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key ICANN's Security and Stability Advisory Committee (SSAC) wrote in a report that "a significant number of IoT devices will likely be IP enabled and will use the DNS to locate the remote services they require to perform their functions. As a result, the DNS will continue to play the same crucial role for the IoT that it has for traditional applications that enable human users to interact with services and content," ICANN stated. "The  role of  the  DNS  might  become  even  more  crucial  from  a  security  and  stability perspective with IoT devices interacting with peo

Network World Security
Jul 24, 2019

When it comes to the IoT, Wi-Fi has the best security
When it comes to connecting internet of things (IoT) devices, there is a wide variety of networks to choose from, each with its own set of capabilities, advantages and disadvantages, and ideal use cases. Good ol' Wi-Fi is often seen as a default networking choice, available in many places, but of limited range and not particularly suited for IoT implementations.

According to Aerohive Networks, however, Wi-Fi is "evolving to help IT address security complexities and challenges associated with IoT devices." Aerohive sells cloud-managed networking solutions and was acquired recently by software-defined networking company Extreme Networks for some $272 million. And Aerohive's director of product marketing, Mathew Edwards, told me via email that Wi-Fi brings a number of security advantages compared to other IoT networking choices.

To read this article in full, please click here



Network World Security
Jul 24, 2019

How to set up Azure AD to spot risky users
You have several options to set up alerts in Azure Active Directory to help spot risky user behavior.

Network World Security
Jul 19, 2019

What is the dark web? And what will you find there?
The dark web may sound ominous, but it's really a catch-all term for the part of the internet that isn't indexed by search engines. Stay tuned for a guided tour of the web's less mainstream regions.

Network World Security
Jul 18, 2019

Worst DNS attacks and how to mitigate them
The Domain Name System remains under constant attack, and there seems to be no end in sight as threats grow increasingly sophisticated.

DNS, known as the internet's phonebook, is part of the global internet infrastructure that translates between familiar names and the numbers computers need to access a website or send an email. While DNS has long been the target of assailants looking to steal all manner of corporate and private information, the threats in the past year or so indicate a worsening of the situation.

To read this article in full, please click here



Network World Security
Jul 17, 2019

How to manage Microsoft Windows BitLocker
Use these techniques to inventory your network to determine which devices have BitLocker.

Network World Security
Jul 16, 2019

What the FTC's $5 billion fine really means for Facebook | TECH(feed)
Last week, the Federal Trade Commission hit Facebook with a $5 billion fine for mishandling user data. The fine comes after the FTC's investigation following the Cambridge Analytica scandal. On this episode of TECH(feed), Juliet discusses the implications of this fine -- and how Facebook may (or may not) change its practices.

Network World Security
Jul 11, 2019

How to set up Microsoft Cloud App Security
This new add-on will let you set up alerts about suspicious sign-on activity for Office 365 and other cloud apps.

Network World Security
Jul 01, 2019

Tempered Networks simplifies secure network connectivity and microsegmentation
The TCP/IP protocol is the foundation of the internet and pretty much every single network out there. The protocol was designed 45 years ago and was originally only created for connectivity. There's nothing in the protocol for security, mobility, or trusted authentication.

The fundamental problem with TCP/IP is that the IP address within the protocol represents both the device location and the device identity on a network. This dual functionality of the address lacks the basic mechanisms for security and mobility of devices on a network.

This is one of the reasons networks are so complicated today. To connect to things on a network or over the internet, you need VPNs, firewalls, routers, cell modems, etc. and you have all the configurations that come with ACLs, VLANs, certificates, and so on. The nightmare grows exponentially when you factor in internet of things (IoT) device connectivity and security. It's all unsustainable at scale.

To read this article in full, please click here



Network World Security
Jun 28, 2019

Cisco sounds warning on 3 critical security patches for DNA Center
Cisco issued three "critical" security warnings for its DNA Center users - two having a Common Vulnerability Scoring System rating of 9.8 out of 10.

The two worst problems involve Cisco Data Center Network Manager (DCNM).  Cisco DNA Center controls access through policies using Software-Defined Access, automatically provision through Cisco DNA Automation, virtualize devices through Cisco Network Functions Virtualization (NFV), and lower security risks through segmentation and Encrypted Traffic Analysis.

More about SD-WAN

How to buy SD-WAN technology: Key questions to consider when selecting a supplier How to pick an off-site data-backup method SD-Branch: What it is and why you'll need it What are the options for security SD-WAN? In one advisory Cisco said a vulnerability in the web-based management interface of DCNM could let an attacker obtain a valid session cookie without knowing the administrative user password by sending a specially crafted HTTP request to a specific web servlet that is available on affected devices. The vulnerability is due to improper session management on affected DCNM software.



Network World Security
Jun 26, 2019

How updates to MongoDB work to prevent data breaches | TECH(talk)
CSO senior writer Lucian Constantin and Computerworld Executive Editor Ken Mingis talk database security and how MongoDB's new field-level encryption takes security to the next level.

Network World Security
Jun 26, 2019

Oracle does-in Dyn, resets DNS services to cloud
Some may call it a normal, even boring course of vendor business operations but others find it a pain the rump or worse.

That about sums up the reaction to news this week that Oracle will end its Dyn Domain Name System enterprise services by 2020 and try to get customers to move to DNS services provided through Oracle Cloud.

More about DNS:

DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key Oracle said that since its acquisition of Dyn in 2016 and the ensuing acquisition of Zenedge, its engineering teams have been working to integrate Dyn's products and services into the Oracle Cloud Infrastructure platform. "Enterprises can now leverage the best-in-class DNS, web application security, and email delivery services within Oracle Cloud Infrastructure and enhance their applications with a comprehensive platform to build, scale, and operate their cloud infrastructure," according to

Network World Security
Jun 26, 2019

Tracking down library injections on Linux
While not nearly commonly seen on Linux systems, library (shared object files on Linux) injections are still a serious threat. On interviewing Jaime Blasco from AT&T's Alien Labs, I've become more aware of how easily some of these attacks are conducted.

In this post, I'll cover one method of attack and some ways that it can be detected. I'll also provide some links that will provide more details on both attack methods and detection tools. First, a little background.

[ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] Shared library vulnerability Both DLL and .so files are shared library files that allow code (and sometimes data) to be shared by various processes. Commonly used code might be put into one of these files so that it can be reused rather than rewritten many times over for each process that requires it. This also facilitates management of commonly used code.

To read this article in full, please click here



Network World Security
Jun 25, 2019

7 steps to enhance IoT security
One of the biggest concerns with the Internet of Things (IoT) is making sure networks, data, and devices are secure. IoT-related security incidents have already occurred, and the worries among IT, security and networking managers that similar events will take place are justified.

"In all but the most restrictive environments, you're going to have IoT devices in your midst," says Jason Taule, vice president of standards and CISO at security standards and assurance company HITRUST. "The question then isn't if, but how you are going to allow such devices to connect to and interact with your networks, systems and data."

To read this article in full, please click here



Network World Security
Jun 18, 2019

How the Huawei ban could become a security threat | TECH(feed)
We've already talked about how the Huawei ban may affect business, but how will it affect security? Google has already warned of security threats should the company be unable to send updates to Huawei's Android-powered devices. And even if Huawei responds with its own OS, will people trust it? In this episode of TECH(feed), Juliet discusses those security implications and what some people think the U.S. should do instead.

Network World Security
Jun 14, 2019

Report: Mirai tries to hook its tentacles into SD-WAN
Mirai - the software that has hijacked hundreds of thousands of internet-connected devices to launch massive DDoS attacks - now goes beyond recruiting just IoT products; it also includes code that seeks to exploit a vulnerability in corporate SD-WAN gear.

That specific equipment - VMware's SDX line of SD-WAN appliances - now has an updated software version that fixes the vulnerability, but by targeting it Mirai's authors show that they now look beyond enlisting security cameras and set-top boxes and seek out any vulnerable connected devices, including enterprise networking gear.

More about SD-WAN

To read this article in full, please click here



Network World Security
Jun 14, 2019

Report: Mirai tries to wrap its tentacles around SD-WAN
Mirai - the software that has hijacked hundreds of thousands of internet-connected devices to launch massive DDoS attacks - now goes beyond recruiting just IoT products; it also includes code that seeks to exploit a vulnerability in corporate SD-WAN gear.

That specific equipment - VMware's SDX line of SD-WAN appliances - now has an updated software version that fixes the vulnerability, but by targeting it Mirai's authors show that they now look beyond enlisting security cameras and set-top boxes and seek out any vulnerable connected devices, including enterprise networking gear.

More about SD-WAN

To read this article in full, please click here

(Insider Story)

Network World Security
Jun 12, 2019

IoT security vs. privacy: Which is a bigger issue?
If you follow the news surrounding the internet of things (IoT), you know that security issues have long been a key concern for IoT consumers, enterprises, and vendors. Those issues are very real, but I'm becoming increasingly convinced that related but fundamentally different privacy vulnerabilities may well be an even bigger threat to the success of the IoT.

In June alone, we've seen a flood of IoT privacy issues inundate the news cycle, and observers are increasingly sounding the alarm that IoT users should be paying attention to what happens to the data collected by IoT devices.

[ Also read: It's time for the IoT to 'optimize for trust' and A corporate guide to addressing IoT security ] Predictably, most of the teeth-gnashing has come on the consumer side, but that doesn't mean enterprises users are immune to the issue. One the one hand, just like consumers, companies are vulnerable to their proprietary information being improperly shared and misused. More immediately, companies may face backlash from their own customers if they are seen as not properly guarding the data they collect via the IoT. Too often, in fact, enterprises shoot themselves in the foot on privacy issues, with practices that range from tone-deaf to exploitative to downright illegal—leading almost two-thirds (63%) of consumers to describe IoT data collection as "creepy," while more than half (53%) "distrust connected devices to protect their privacy and handle

Network World Security
Jun 12, 2019

Free course - Ethical Hacking: Hacking the Internet of Things
IoT devices are proliferating on corporate networks, gathering data that enables organizations to make smarter business decisions, improve productivity and help avoid costly equipment failures, but there is one big downside - security of the internet of things remains a problem.

It makes sense, then, for enterprises to try to spot vulnerabilities in the IoT gear in their networks before they can be exploited by malicious actors.

[ For more on IoT security see tips to securing IoT on your network and 10 best practices to minimize IoT security vulnerabilities. | Get regularly scheduled insights by signing up for Network World newsletters. ] To help this along, Network World and Pluralsight have teamed up to present a free course, Ethical Hacking: Hacking the Internet of Things, that provides IT pros with skills they need to protect their network infrastructure.

To read this article in full, please click here

(Insider Story)

Network World Security
Jun 06, 2019

Cisco to buy IoT security, management firm Sentryo
Looking to expand its IoT security and management offerings Cisco plans to acquire Sentryo, a company based in France that offers anomaly detection and real-time threat detection for Industrial Internet of Things (IIoT) networks.

Founded in 2014 Sentryo products include ICS CyberVision - an asset inventory, network monitoring and threat intelligence platform - and CyberVision network edge sensors, which analyze network flows.

More on IoT:

To read this article in full, please click here



Network World Security
May 30, 2019

What do recent public SAP exploits mean for enterprises? | TECH(talk)
Recently released public SAP exploits (dubbed 10KBLAZE) could pose a security risk for thousands of businesses. Computerworld executive editor Ken Mingis and CSO Online's Lucian Constantin discuss the fallout of 10KBLAZE, and how businesses using SAP should respond.

Network World Security
May 29, 2019

Cisco security spotlights Microsoft Office 365 e-mail phishing increase
It's no secret that if you have a cloud-based e-mail service, fighting off the barrage of security issues has become a maddening daily routine.

The leading e-mail service - in Microsoft's Office 365 package - seems to be getting the most attention from those attackers hellbent on stealing enterprise data or your private information via phishing attacks. Amazon and Google see their share of phishing attempts in their cloud-based services as well. 

[ Also see What to consider when deploying a next generation firewall. | Get regularly scheduled insights by signing up for Network World newsletters. ] But attackers are crafting and launching phishing campaigns targeting Office 365 users, wrote Ben Nahorney, a Threat Intelligence Analyst focused on covering the threat landscape for Cisco Security in a blog focusing on the Office 365 phishing issue.

To read this article in full, please click here



Network World Security
May 29, 2019

Survey finds SD-WANs are hot, but satisfaction with telcos is not
This week SD-WAN vendor Cato Networks announced the results of its Telcos and the Future of the WAN in 2019 survey. The study was a mix of companies of all sizes, with 42% being enterprise-class (over 2,500 employees). More than 70% had a network with more than 10 locations, and almost a quarter (24%) had over 100 sites. All of the respondents have a cloud presence, and almost 80% have at least two data centers.  The survey had good geographic diversity, with 57% of respondents coming from the U.S. and 24% from Europe.

Highlights of the survey include the following key findings:

To read this article in full, please click here



Network World Security
May 23, 2019

Study: Most enterprise IoT transactions are unencrypted
Of the millions of enterprise-IoT transactions examined in a recent study, the vast majority were sent without benefit of encryption, leaving the data vulnerable to theft and tampering.

The research by cloud-based security provider Zscaler found that about 91.5 percent of transactions by internet of things devices took place over plaintext, while 8.5 percent were encrypted with SSL. That means if attackers could intercept the unencrypted traffic, they'd be able to read it and possibly alter it, then deliver it as if it had not been changed.

To read this article in full, please click here



Network World Security
May 17, 2019

Microsoft issues fixes for non-supported versions of Windows Server
Microsoft took the rare step of issuing security fixes for both the server and desktop versions of Windows that are long out of support, so you know this is serious.

The vulnerability (CVE-2019-0708) is in the Remote Desktop Services component built into all versions of Windows. RDP, formerly known as Terminal Services, itself is not vulnerable. CVE-2019-0708 is pre-authentication and requires no user interaction, meaning any future malware could self-propagate from one vulnerable machine to another.

CVE-2019-0708 affects Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2, and Windows Server 2008. It does not impact Microsoft's newest operating systems; Windows 8 through 10 and Windows Server 2012 through 2019 are not affected.

To read this article in full, please click here



Network World Security
May 16, 2019

WhatsApp attacked by spyware | TECH(feed)
WhatsApp's recent spyware hack took advantage of a security vulnerability and allowed attackers to access private, digital communication. In this episode of TECH(feed), Juliet walks through the hack, who was affected and how you can secure your devices ASAP.

Network World Security
May 15, 2019

Extreme addresses networked-IoT security
Extreme Networks has taken the wraps off a new security application it says will use machine learning and artificial intelligence to help customers effectively monitor, detect and automatically remediate security issues with networked IoT devices.

The application - ExtremeAI security—features machine-learning technology that can understand typical behavior of IoT devices and automatically trigger alerts when endpoints act in unusual or unexpected ways, Extreme said.

More about edge networking

To read this article in full, please click here



Network World Security
May 15, 2019

How to set up a Microsoft Azure backup process
Setting up a backup process in Azure is one way to quickly recover from a ransomware attack.

Network World Security
May 15, 2019

4 vulnerabilities and exposures affect Intel-based systems; Red Hat responds
Four vulnerabilities were publicly disclosed related to Intel microprocessors. These vulnerabilities allow unprivileged attackers to bypass restrictions to gain read access to privileged memory. They include these common vulnerabilities and exposures (CVEs):

CVE-2018-12126 - a flaw that could lead to information disclosure from the processor store buffer CVE-2018-12127 - an exploit of the microprocessor load operations that can provide data to an attacker about CPU registers and operations in the CPU pipeline CVE-2018-12130 - the most serious of the three issues and involved the implementation of the microprocessor fill buffers and can expose data within that buffer CVE-2019-11091 - a flaw in the implementation of the "fill buffer," a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache [ Also read: Linux hardening: a 15-step checklist for a secure Linux server ] Red Hat customers should update their systems Security updates will degrade system performance, but Red Hat strongly suggests that customers update their systems whether or not they believe themselves to be at risk.

To read this article in full, please click here



Network World Security
May 09, 2019

Cisco adds AMP to SD-WAN for ISR/ASR routers
Cisco has added support for Advanced Malware Protection (AMP) to its million-plus ISR/ASR edge routers, in an effort to reinforce branch and core network malware protection at across the SD-WAN.

Cisco last year added its Viptela SD-WAN technology to the IOS XE version 16.9.1 software that runs its core ISR/ASR routers such as the ISR models 1000, 4000 and ASR 5000, in use by organizations worldwide. Cisco bought Viptela in 2017. 

More about SD-WAN

How to buy SD-WAN technology: Key questions to consider when selecting a supplier How to pick an off-site data-backup method SD-Branch: What it is and why you'll need it What are the options for security SD-WAN? The release of Cisco IOS XE offered an instant upgrade path for creating cloud-controlled SD-WAN fabrics to connect distributed offices, people, devices and applications operating on the installed base, Cisco said. At the time Cisco said that Cisco SD-WAN on edge routers builds a secure virtual IP fabric by combining routing, segmentation, security, policy and orchestration.

To read this article in full, please click here



Network World Security
May 08, 2019

Cisco releases a critical security patch for a virtualized automation tool
Cisco has released a  patch for a critical vulnerability in software used to control large virtual environments.

The weakness gets a 10 out of 10 severity score and is found in Cisco's Elastic Services Controller (ESC), which the company describes as offering a single point of control to manage all aspects of Virtual Network Functions and offers capabilities such as VM and service monitoring, auto-recovery and dynamic scaling. With ESC users control the lifecycle all virtualized resources, whether using Cisco or third-party VNFs, Cisco stated.

RELATED: What IT admins love/hate about 8 top network monitoring tools The vulnerability in this case lies in the REST API of ESC and could let  an unauthenticated remote attacker to bypass authentication on the REST API and execute arbitrary actions through with administrative privileges on an affected system. The vulnerability is due to improper validation of API requests, Cisco wrote in its advisory.

To read this article in full, please click here



Network World Security
May 03, 2019

10 Hot IoT security startups to watch
The internet of things is growing at breakneck pace and may end up representing a bigger economic shift in networking than the internet itself did, making security threats associated with the IoT a major concern.

This worry is reflected by investments being made in startups that focus on stopping threats to the IoT, the industrial IoT (IIoT) and the operational technology (OT) surrounding them.

To read this article in full, please click here

(Insider Story)

Network World Security
May 01, 2019

Cisco issues critical security warning for Nexus data-center switches
Cisco issued some 40 security advisories today but only one of them was deemed "critical" - a vulnerability in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode data-center switch that could let an attacker secretly access system resources.

The exposure, which was given a Common Vulnerability Scoring System importance of 9.8 out of 10, is described as a problem with secure shell (SSH) key-management for the Cisco Nexus 9000 that lets a remote attacker to connect to the affected system with the privileges of a root user, Cisco said.

To read this article in full, please click here



Network World Security
Apr 30, 2019

How to shop for enterprise firewalls
Firewalls have been around for years, but the technology keeps evolving as the threat landscape changes. Here are some tips about what to look for in a next-generation firewall (NGFW) that will satisfy business needs today and into the future.

Don't trust firewall performance stats Understanding how a NGFW performs requires more than looking at a vendor's specification or running a bit of traffic through it. Most firewalls will perform well when traffic loads are light. It's important to see how a firewall responds at scale, particularly when encryption is turned on. Roughly 80% of traffic is encrypted today, and the ability to maintain performance levels with high volumes of encrypted traffic is critical.

To read this article in full, please click here



Network World Security
Apr 29, 2019

Does your cloud-access security broker support IPv6? It should.
Cloud access security brokers (CASB) insert security between enterprises and their cloud services by providing visibility and access control, but IPv6 could be causing a dangerous blind spot.

That's because CASBs might not support IPv6, which could be in wide corporate use even in enterprises that choose IPv4 as their preferred protocol.

[ Related: What is IPv6, and why aren't we there yet? For example, end users working remotely have a far greater chance of connecting via IPv6 than when they are in the office.  Mobile providers collectively have a high percentage of IPv6-connected subscribers and broadband residential Internet customers often have IPv6 connectivity without realizing it.  Internet service providers and software-as-a-service (SaaS) vendors both widely support IPv6, so a mobile worker accessing, say, DropBox over a Verizon 4G wireless service might very well connect via IPv6.

To read this article in full, please click here

(Insider Story)

Network World Security
Apr 24, 2019

Cisco: DNSpionage attack adds new tools, morphs tactics
The group behind the Domain Name System attacks known as DNSpionage have upped their dark actions with new tools and malware to focus their attacks and better hide their activities. 

Cisco Talos security researchers, who discovered DNSpionage in November, this week warned of new exploits and capabilities of the nefarious campaign.

More about DNS:

DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key "The threat actor's ongoing development of DNSpionage malware shows that the attacker continues to find new ways to avoid detection. DNS tunneling is a popular method of exfiltration for some actors and recent examples of DNSpionage show that we must ensure DNS is monitored as closely as an organization's normal proxy or weblogs," Talos wrote.   "DNS is essentially the phonebook of the internet, and when it is tampered with, it becomes difficult for anyone to discern whether what they are seeing online is legitimate."



TRENDING TAGS
AramcoIPO Saudi trillion Value UPDATE
StocksThese Buy Love Hedge Funds
Reporting
XeroxRejects HP Offer bid company
HereHow Ford Mustang Stock Should
IPOAramco Saudi trillion Value set
RECORDVenice week Stock market Flooding
holidayGifts Gift year season Guide
StockMarket Dividend Here Week Buy
Fordv Ferrari here Mustang Box

NEWS SOURCES
Top News (Business News)
Accounting Today
AdWeek News
Banking Business Review
Barron's This Week Magazine
Barron's Up and Down Wall Street Daily
Brad Ideas
Chicago Tribune Business News
CNBC Business
CNBC Economy
CNBC Finance
CNN/Money
CNN/Money Real Estate News
Dismal.com: Analysis
Dismal.com: Indicators
Enterprise Application News
Entrepreneur.com
Forbes Headlines
Forbes Social Media News
FT.com - China, Economy & Trade
FT.com - Financial Markets
FT.com - Hedge Funds
FT.com - Telecoms
FT.com - US
Google Business News
Google Market News
HBS Working Knowledge
Inc.com
INSEAD Knowledge
International Tax Review
Kiplinger
Knowledge@Wharton
L.S. Starrett News
MarketWatch
MarketWatch Breaking News
MarketWatch MarketPulse
McKinsey Quarterly
MSNBC.com: Business
Nielsen Trends
NonProfit Times
NPR Topics: Business
NYTimes Business
OpinionJournal.com
Private Equity Breaking News
Reuters Business
Reuters Company News
Reuters Money
SEC.gov Updates: News Digest
SHRM HR News
Tax Policy News
The Economist International News
The Motley Fool
USA Today Money
Wall Street Journal US Business
Wall Street Transcript
Washington Post Business
WSJ Asia
WSJ Europe
WSJ MoneyBeat
WSJ Opinion
WSJ US News
WSJ World Markets
Yahoo Business
  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • 617 482 1200
    617 299 8649 (fax)
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2019 CEOExpress Company LLC