NEWS: NETWORK WORLD SECURITY
Network World Security
Apr 24, 2019

Cisco: DNSpionage attack adds new tools, morphs tactics
The group behind the Domain Name System attacks known as DNSpionage have upped their dark actions with new tools and malware to focus their attacks and better hide their activities. 

Cisco Talos security researchers, who discovered DNSpionage in November, this week warned of new exploits and capabilities of the nefarious campaign.

"The threat actor's ongoing development of DNSpionage malware shows that the attacker continues to find new ways to avoid detection. DNS tunneling is a popular method of exfiltration for some actors and recent examples of DNSpionage show that we must ensure DNS is monitored as closely as an organization's normal proxy or weblogs," Talos wrote. "DNS is essentially the phonebook of the internet, and when it is tampered with, it becomes difficult for anyone to discern whether what they are seeing online is legitimate."



Network World Security
Apr 18, 2019

Card skimming moves online | TECH(talk)
CSO staff writer Lucian Constantin offers advice on how online retailers can prevent online payment fraud.

Network World Security
Apr 18, 2019

Cisco warns WLAN controller, 9000 series router and IOS/XE users to patch urgent security holes
Cisco this week issued 31 security advisories but directed customer attention to "critical" patches for its IOS and IOS XE Software Cluster Management and IOS software for Cisco ASR 9000 Series routers. A number of vulnerabilities also need attention if customers are running Cisco Wireless LAN Controllers.

The first critical patch has to do with a vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to send malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device, Cisco said.




Network World Security
Apr 17, 2019

Cisco Talos details exceptionally dangerous DNS hijacking attack
Security experts at Cisco Talos have released a report detailing what it calls the "first known case of a domain name registry organization that was compromised for cyber espionage operations."

Talos calls the ongoing cyber threat campaign "Sea Turtle" and said that state-sponsored attackers are abusing DNS to harvest credentials to gain access to sensitive networks and systems in a way that victims are unable to detect, which displays unique knowledge of how to manipulate DNS, Talos stated.

By obtaining control of victims' DNS, the attackers can change or falsify any data on the Internet, illicitly modify DNS name records to point users to actor-controlled servers; users visiting those sites would never know, Talos reported.




Network World Security
Apr 12, 2019

Gov't warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software
The Department of Homeland Security has issued a warning that some VPN packages from Cisco, Palo Alto, F5 and Pulse may improperly secure tokens and cookies, allowing nefarious actors an opening to invade and take control over an end user's system.

The DHS's Cybersecurity and Infrastructure Security Agency (CISA) warning comes on the heels of a notice from Carnegie Mellon's CERT that multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files.




Network World Security
Apr 10, 2019

You Can Now Get This Award-Winning VPN For Just $1/month
If you use the internet (which you clearly do), you likely know how important it is to protect your data in an increasingly dangerous cyber environment. But like other essential tasks that tend to be tedious (like filing taxes early and brushing your teeth for the full two minutes), installing and running a VPN can sound unappealing to many: sure, they encrypt your internet traffic and hide your location — but they can also run frustratingly slowly, delaying the way you'd usually use the internet for entertainment and work.

That's where Ivacy VPN is different: not only will the speedy service let you browse and stream lag-free, it also offers real-time threat detection technology, removing malware and viruses at the server level. It ensures that all your downloads and devices stay totally secure, so you can stay safe online without being inconvenienced.




Network World Security
Apr 08, 2019

How to quickly deploy, run Linux applications as unikernels
Building and deploying lightweight apps is becoming an easier and more reliable process with the emergence of unikernels. While limited in functionality, unikernels offer many advantages in terms of speed and security.

What are unikernels?

A unikernel is a very specialized single-address-space machine image that is similar to the kind of cloud applications that have come to dominate so much of the internet, but they are considerably smaller and are single-purpose. They are lightweight, providing only the resources needed. They load very quickly and are considerably more secure -- having a very limited attack surface. Any drivers, I/O routines and support libraries that are required are included in the single executable. The resultant virtual image can then be booted and run without anything else being present. And they will often run 10 to 20 times faster than a container.




Network World Security
Apr 01, 2019

Meta Networks builds user security into its Network-as-a-Service
Network-as-a-Service (NaaS) is growing in popularity and availability for those organizations that don't want to host their own LAN or WAN, or that want to complement or replace their traditional network with something far easier to manage.

With NaaS, a service provider creates a multi-tenant wide area network comprised of geographically dispersed points of presence (PoPs) connected via high-speed Tier 1 carrier links that create the network backbone. The PoPs peer with cloud services to facilitate customer access to cloud applications such as SaaS offerings, as well as to infrastructure services from the likes of Amazon, Google and Microsoft. User organizations connect to the network from whatever facilities they have — data centers, branch offices, or even individual client devices — typically via SD-WAN appliances and/or VPNs.




Network World Security
Mar 29, 2019

Russia demands access to VPN providers' servers
The Russian censorship agency Roskomnadzor has ordered 10 VPN service providers to link their servers in Russia to its network in order to stop users from reaching banned sites.

If they fail to comply, their services will be blocked, according to a machine translation of the order.

The 10 VPN providers are ExpressVPN, HideMyAss!, Hola VPN, IPVanish, Kaspersky Secure Connection, NordVPN, OpenVPN, VPN Unlimited and VyprVPN.




Network World Security
Mar 28, 2019

Cisco warns of two security patches that don't work, issues 17 new ones for IOS flaws
Cisco has dropped 17 security advisories describing 19 vulnerabilities in the software that runs most of its routers and switches, IOS and IOS/XE.

The company also announced that two previously issued patches for its RV320 and RV325 Dual Gigabit WAN VPN Routers were "incomplete" and would need to be redone and reissued.

Cisco rates both those router vulnerabilities as "High" and describes the problems like this:




Network World Security
Mar 27, 2019

Cisco forms VC firm looking to weaponize fledgling technology companies
Cisco this week stepped deeper into the venture capital world by announcing Decibel, an early-stage investment firm that will focus on bringing enterprise-oriented startups to market.

Veteran VC groundbreaker and former general partner at New Enterprise Associates Jon Sakoda will lead Decibel. Sakoda had been with NEA since 2006 and focused on startup investments in software and Internet companies. 

Of Decibel, Sakoda said: "We want to invest in companies that are helping our customers use innovation as a weapon in the game to transform their respective industries."




Network World Security
Mar 26, 2019

How to hack your own Wi-Fi network
One way to bolster your understanding of Wi-Fi security is to do some hacking yourself. That doesn't mean you should infiltrate a company's network or snoop on a neighbor's setup. Rather, ethical hacking and legitimate Wi-Fi penetration testing - done in cooperation with the network owner - can help you learn more about the strengths and limitations of wireless security. Understanding potential Wi-Fi vulnerabilities can help you to better protect the networks you manage and ensure safer connections when you access other wireless networks.

Start with a Wi-Fi stumbler

General purpose Wi-Fi stumblers are the simplest and most innocent tools to add to your pen testing kit. Though typically passive tools, they serve an important purpose. They allow you to see what access points (AP) are nearby and their details, such as the signal level, security/encryption type, and media access control (MAC) address. It's a tool even a hacker would utilize to find the next victim.




Network World Security
Mar 22, 2019

Triton and the new wave of IIoT security threats
As IIoT grows in prominence, so too does its status as a target for malicious hackers - particularly given its increased impact on the physical world; the latest and potentially most dangerous is called Triton.

Triton first reared its ugly head near the end of 2017, according to security company FireEye. It targets an industrial safety system made by Schneider Electric that monitors and secures valves, turbines and the like and shuts them down if it determines they are about to fail and cause explosions or other consequences that could damage the facility or cause harm to people. (It's named Triton because it targets the widely used Schneider Electric Triconex industrial safety system.)


Network World Security
Mar 21, 2019

Cisco directs high priority patches for IP phone security exposures
Cisco this week advised customers using its 7800 and 8800 series IP phones they should patch a variety of high-priority vulnerabilities that could lead to denial of service and other security problems.

The company issued five security advisories, four for the 8800 and one for both the 8800 and 7800 series of IP phones. The 8800 is a high-end business desktop device that features high-definition video and mobile device integration. The 7800 is more of a general business IP phone. 

The security advisories include:




Network World Security
Mar 20, 2019

Quantum computing will break your encryption in a few years
Modern public-key encryption is currently good enough to meet enterprise requirements, according to experts. Most cyberattacks target different parts of the security stack these days - unwary users in particular. Yet this stalwart building block of present-day computing is about to be eroded by the advent of quantum computing within the next decade, according to experts.

"About 99% of online encryption is vulnerable to quantum computers," said Mark Jackson, scientific lead for Cambridge Quantum Computing, at the Inside Quantum Technology conference in Boston on Wednesday.

Quantum computers - those that use the principles of quantum entanglement and superposition to represent information, instead of electrical bits - are capable of performing certain types of calculation orders of magnitude more quickly than classical, electronic computers. They're more or less fringe technology in 2019, but their development has accelerated in recent years, and experts at the IQT conference say that a spike in deployment could occur as soon as 2024.




Network World Security
Mar 20, 2019

How to audit Windows Task Scheduler to detect attacks
Learn how to prevent attackers from using Task Scheduler to hide and set up tasks to access Windows systems.

Network World Security
Mar 15, 2019

Exec: How SDN, SD-WAN, security fit in VMware's strategy
It has been just 10 months since Tom Gillis became VMware's senior vice president and general manager of its networking and security business, and in that time he has overseen some major changes in the company's core products.

Most recent is a milestone release of the company's NSX-T Data Center software, making it VMware's primary networking platform for organizations looking to support multivendor cloud-native applications, bare-metal workloads as well as the growing hybrid and multi-cloud worlds.




Network World Security
Mar 11, 2019

Software-defined perimeter brings trusted access to multi-cloud applications, network resources
Many companies today have a hybrid approach to their networking and IT infrastructure. Some elements remain in an on-premise data center, while other portions have gone to the cloud and even to multi-cloud. As a result, the network perimeter is permeable and elastic. This complicates access requirements at a time when it's more important than ever to enable accessibility while preventing unauthorized access to applications and data.

To reduce risk, some organizations are applying a zero-trust strategy of "verification before trust" by incorporating stronger, stateful user and device authentication; granular access control; and enhanced segmentation no matter where the applications and resources reside.




Network World Security
Mar 08, 2019

VMware firewall takes aim at defending apps in data center, cloud
VMware has taken the wraps off a firewall it says protects enterprise applications and data inside data centers or clouds.

Unlike perimeter firewalls that filter traffic from an unlimited number of unknown hosts, VMware says its new Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into its NSX network management software, vSphere hypervisors and AppDefense threat-detection system.




Network World Security
Mar 07, 2019

How blockchain will manage networks
Ethernet networking technology is flawed, say some engineers. The problem is it doesn't have any inherent security built into it. Ethernet is also hard to manage because it's centralized. It's out-of-date, and it needs revamping, researchers say.

One attempt to address the issue is the Marconi protocol, which is a strategy to shift network and packet management over to a smart contract, decentralized chain-based system. Smart contracts are trackable, verifiable transactions. They're performed through encrypted blockchains and are self-enforcing.




Network World Security
Mar 06, 2019

Cisco uncorks 26 security patches for switches, firewalls
Cisco has bundled 25 security advisories that describe 26 vulnerabilities in Cisco NX-OS switch and Firepower FXOS firewall software.

While the 26 alerts describe vulnerabilities that have a Security Impact Rating of "High," most - 23 - affect Cisco NX-OS software, and the remaining three involve both software packages.

The vulnerabilities span a number of problems that would let an attacker gain unauthorized access, gain elevated privileges, execute arbitrary commands, escape the restricted shell, bypass the system image verification checks or cause denial of service (DoS) conditions, Cisco said.




Network World Security
Mar 05, 2019

Huawei's possible lawsuit, ransomware readiness, old malware resurfaces | TECH(feed)
The ongoing battle between the U.S. and Huawei could soon go to court as Huawei reportedly prepares to sue the U.S. government. Plus, 2019 will see ride sharing companies going public… but which will be first? And as a decade-old malware resurfaces in enterprise networks, a report questions if the world is ready for the next large-scale ransomware attack.

Network World Security
Mar 05, 2019

Cryptocurrency miners exploit Docker flaw
According to Imperva research, a container flaw reported last month (CVE-2019-5736) in Docker's remote API has already been taken advantage of by hundreds of attackers.

Imperva claims that they were able to locate 3,822 Docker hosts with the remote API (port 2735) publicly exposed. Of these, approximately 400 were accessible, and most of these were running a cryptocurrency miner for a lesser-known form of cryptocurrency called Monero.

Monero (ticker symbol XMR) is an open-source cryptocurrency that was created in April 2014. It focuses on fungibility (individual units are essentially interchangeable), privacy, and decentralization. It also takes advantage of an obfuscated public ledger. That means anyone can broadcast or send transactions, but outside observers cannot tell the source, amount, or destination of the funds.




Network World Security
Feb 28, 2019

Cisco warns a critical patch is needed for a remote access firewall, VPN and router
Cisco is warning organizations with remote users that have deployed a particular Cisco wireless firewall, VPN and router to patch a critical vulnerability in each that could let attackers break into the network.

The vulnerability, which has an impact rating of 9.8 out of 10 on the Common Vulnerability Scoring System, lets a potential attacker send malicious HTTP requests to a targeted device. A successful exploit could let the attacker execute arbitrary code on the underlying operating system of the affected device as a high-privilege user, Cisco stated.

The vulnerability is in the web-based management interface of three products: Cisco's RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router. All three products are positioned as remote-access communications and security devices.




Network World Security
Feb 27, 2019

Protecting the IoT: 3 things you must include in an IoT security plan
With many IT projects, security is often an afterthought, but that approach puts the business at significant risk. The rise of IoT adds orders of magnitude more devices to a network, which creates many more entry points for threat actors to breach. A bigger problem is that many IoT devices are easier to hack than traditional IT devices, making them the endpoint of choice for the bad guys.

IoT is widely deployed in a few industries, but it is in the early innings still for most businesses. For those just starting out, IT and security leaders should be laying out their security plans for their implementations now. However, the landscape of security is wide and confusing so how to secure an IoT deployment may not be obvious. Below are three things you must consider when creating an IoT security plan.




Network World Security
Feb 26, 2019

Linux security: Cmd provides visibility, control over user activity
There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.

Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.




Network World Security
Feb 25, 2019

ICANN urges adopting DNSSEC now
Powerful malicious actors continue to be a substantial risk to key parts of the Internet and its Domain Name System security infrastructure, so much so that The Internet Corporation for Assigned Names and Numbers is calling for an intensified community effort to install stronger DNS security technology. 

Specifically, ICANN is calling for full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names. DNS, often called the internet's phonebook, is part of the global internet infrastructure that translates between common language domain names and IP addresses that computers need to access websites or send emails. DNSSEC adds a layer of security on top of DNS.




Network World Security
Feb 21, 2019

Cisco warns on HyperFlex security vulnerabilities
Cisco this week identified two "High" security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  

HyperFlex is Cisco's hyperconverged infrastructure that offers computing, networking and storage resources in a single system.

The more critical of the two warnings - an 8.8 on Cisco's severity scale of 1-10 - is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated attacker execute commands as the root user.




Network World Security
Feb 19, 2019

Edge security: There's lots of attack surfaces to worry about
The problem of edge security isn't unique - many of the issues being dealt with are the same ones that have been facing the general IT sector for decades.

But the edge adds its own wrinkles to those problems, making them, in many cases, more difficult to address. Yet, by applying basic information security precautions, most edge deployments can be substantially safer.

The most common IoT vulnerability occurs because many sensors and edge computing devices are running some kind of built-in web server to allow for remote access and management. This is an issue because many end-users don't - or, in some cases, can't - change default login and password information, nor are they able to seal them off from the Internet at large. There are dedicated gray-market search sites out there to help bad actors find these unsecured web servers, and they can even be found with a little creative Googling, although Joan Pepin, CISO at security and authentication vendor Auth0, said that the search giant has taken steps recently to make that process more difficult.


Network World Security
Feb 14, 2019

IoT providers need to take responsibility for performance
Last year saw the continued growth of enterprises adopting internet of things solutions, with companies harnessing the power of wireless data collection, analytics and connectivity to enhance productivity and efficiency in ways we could previously not imagine.

Analysts expect corporate spending on IoT in the U.S. to approach $200B in 2019, with global spending exceeding $800B. As adoption has grown, privacy and security advocates have called for regulating IoT to enhance personal privacy and to strengthen the security of IoT devices and services.


Network World Security
Feb 13, 2019

That VPN may not be as secure as you think
If you're a VPN subscriber and have ever wondered just how secure the supposedly encrypted pipe that you're using through the internet is — and whether the anonymity promise made by the VPN provider is indeed protecting your privacy— well, your hunches may be correct. It turns out several of these connections are not secure.

Academics say they've discovered a whopping 13 programming errors in 61 separate VPN systems tested recently. The configuration bungles "allowed Internet traffic to travel outside the encrypted connection," the researchers say.

The independent research group, made up of computer scientists from UC San Diego, UC Berkeley, University of Illinois at Chicago, and Spain's Madrid Institute of Advanced Studies (IMDEA) with International Computer Science Institute, write in the Conversation this month, some of which is redistributed by Homeland Security Newswire, that six of 200 VPN services also scandalously monitored user traffic. That's more serious than unintended leaks, the team explains — users trust providers not to snoop. The point of a VPN is to be private and not get monitored. VPN use ranges from companies protecting commercial secrets on public Wi-Fi to dissidents.




Network World Security
Feb 11, 2019

Red Hat announces container flaw CVE-2019-5736
Red Hat announced a vulnerability this morning - one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.

The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:

$ /usr/sbin/getenforce
Enforcing
$ sestatus
SELinux status: enabled

This vulnerability also requires local access to the system. Affected Red Hat systems include:




Network World Security
Feb 08, 2019

SD-WAN creates new security challenges
SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.

In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am an employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet's executive vice president of products and solutions, John Maddison, who sets the company's product strategy, making him well versed in both SD-WAN and security.




Network World Security
Feb 07, 2019

Get TotalAV Essential AntiVirus for $19.99 (80% off)
The term "computer virus" calls to mind imagery of pathogenic creepy-crawlies bringing down a device's operating system, their flagella wriggling as they multiply into hordes that infiltrate its chips and wires. And while it's true that our computers can be infected with literal biological bacteria like staphylococci, per Science Illustrated, the threat of malicious codes and programs intent on corrupting data and files looms far larger: According to a recent study from the University of Maryland's Clark School of Engineering, attacks on computers with internet access are virtually ceaseless, with an incident occurring every 39 seconds on average, affecting a third of Americans every year.




Network World Security
Feb 01, 2019

National pen test execution standard would improve network security
As the number of cyber attacks increases, the demand for penetration tests - to determine the strength of a company's defense - is also going up. People are worried about their companies' networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such as PCI and HITRUST require these tests to be performed on at least an annual basis.

The demand for these tests is only going to increase as attackers get more sophisticated. And it's essential these tests catch all possible vulnerabilities.

Benefits and gaps of penetration tests

Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.




Network World Security
Jan 31, 2019

DARPA explores new computer architectures to fix security between systems
Solutions are needed to replace the archaic air-gapping of computers used to isolate and protect sensitive defense information, the U.S. Government has decided. Air-gapping, used often now, is the practice of physically isolating data-storing computers from other systems, computers, and networks. It theoretically can't be compromised because there is nothing between the machines — there are no links into the machines; they're removed.

However, many say air-gapping is no longer practical, as the cloud and internet take hold of massive swaths of data and communications.

"Keeping a system completely disconnected from all means of information transfer is an unrealistic security tactic," says Defense Advanced Research Projects Agency (DARPA) on its website, announcing an initiative to develop completely new hardware and software that will allow defense communications to take place securely among myriad existing systems, networks, and security protocols.

Network World Security
Jan 29, 2019

The race to lock down industrial control systems | Salted Hash Ep 44
Guest host Juliet Beauchamp and CSO senior writer J.M. Porup talk about the challenges around securing the systems and networks used to control industrial plants and infrastructures.

Network World Security
Jan 28, 2019

Build security into your IoT plan or risk attack
The Internet of Things (IoT) is no longer some futuristic thing that's years off from being something IT leaders need to be concerned with. The IoT era has arrived. In fact, Gartner forecasts there will be 20.4 billion connected devices globally by 2020.

An alternative proof point is the fact that when I talk with people about their company's IoT plans, they don't look at me like a deer in headlights as they did a few years ago. In fact, often the term "IoT" doesn't even come up. Businesses are connecting more "things" to create new processes, improve efficiency, or improve customer service.

As they do, though, new security challenges arise. One of which is there's no "easy button." IT professionals can't just deploy some kind of black box and have everything be protected. Securing the IoT is a multi-faceted problem with many factors to consider, and it must be built into any IoT plan.

Network World Security
Jan 25, 2019

What is a firewall? How they work and how they fit into enterprise security
Firewalls have been around for three decades, but they've evolved drastically to include features that used to be sold as separate appliances and to pull in externally gathered data to make smarter decisions about what network traffic to allow and what traffic to block.

Now just one indispensable element in an ecosystem of network defenses, the latest versions are known as enterprise firewalls or next-generation firewalls (NGFW) to indicate who should use them and that they are continually adding functionality.

What is a firewall?

A firewall is a network device that monitors packets going in and out of networks and blocks or allows them according to rules that have been set up to define what traffic is permissible and what traffic isn't.

Network World Security
Jan 25, 2019

How SD-WAN can improve your security strategy
Data breaches and security threats are a top concern among IT leaders, yet it's harder than ever to hire skilled security professionals. That has organizations looking for ways to more easily improve their security strategy. One option is to implement a software-defined WAN (SD-WAN).

I recently talked with Hamza Seqqat, director of solutions architecture at Apcela, to get his take on how SD-WAN affects security strategy. Seqqat helps enterprise organizations redefine their wide-area networks to accommodate the growing use of cloud-based applications and services. In our discussion, he outlined four areas where SD-WAN offers new security benefits.

Network World Security
Jan 25, 2019

Batten down the DNS hatches as attackers strike Feds
If enterprise IT folks haven't taken a look at their DNS ecosystem recently, now may be a good time.

This week the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) told all federal agencies to bolt down their Domain Name System in the face of a series of global hacking campaigns.

Network World Security
Jan 25, 2019

Cisco patches serious SD-WAN software security holes
Cisco has patched security vulnerabilities in four packages of SD-WAN Solution software, addressing buffer overflow, arbitrary file override and privilege access weaknesses that could have led to denial of service attacks or access problems.

The first patch, called "Critical" by Cisco, fixes a vulnerability in the vContainer of the Cisco SD-WAN Solution that could let an authenticated, remote attacker cause a denial of service (DoS) and execute arbitrary code as the root user, the company wrote in a security advisory. 

Network World Security
Jan 23, 2019

Durham County goes Cisco for enterprise network ops and security proficiency
The IT department in Durham County, N.C.'s government was spending far too much time manually addressing network and security operations and turned to Cisco to help achieve the operational and security effectiveness it was looking for.

The government in Durham County, N.C., was spending hours and hours manually provisioning its network and keeping security policies current, so it decided two-and-a-half years ago to upgrade for the sake of efficiency and security.

Since then, the government's IT staff of four has migrated its traditional point-to-point network to a more modern enterprise featuring the software-defined technologies of Cisco's Application Centric Infrastructure (ACI) and DNA Center that support its 2,100 enterprise end-users and online services for 315,000 county residents. 

Network World Security
Jan 18, 2019

Get 3 Years of NordVPN Service for Just $2.99 Per Month - Deal Alert
NordVPN promises a private and fast path through the public internet, with no logs, unmetered access for 6 simultaneous devices and access to 5,232 servers worldwide. They are currently running a promotion, but you'll have to use this link to find it. Its typical price has been discounted for 3 years of service -- a good deal at just $2.99 per month.

Network World Security
Jan 17, 2019

Quantum-embedded chips could secure IoT
Microprocessors that are unique to each Internet of Things (IoT) device are the way forward in the ongoing and tricky quest to secure the IoT, says Crypto Quantique. One idea is that by making each chip one of a kind and unclonable, an application would become almost impossible to hack.

The U.K.-based startup says it has introduced "the world's most advanced security product for IoT devices." The microprocessor-based solution uses quantum physics, combined with cryptography, all embedded in silicon, it explained in a press release last October.

Network World Security
Jan 14, 2019

Top 10 IoT vulnerabilities
Security questions have dogged the Internet of Things (IoT) since before the name was invented. Everyone from vendors to enterprise users to consumers is concerned that their fancy new IoT devices and systems could be compromised. The problem is actually worse than that, as vulnerable IoT devices can be hacked and harnessed into giant botnets that threaten even properly secured networks.

But what exactly are the biggest problems and vulnerabilities to avoid when building, deploying, or managing IoT systems? And, more to the point, what can we do to mitigate these issues?

Network World Security
Jan 12, 2019

First step to becoming a cybersecurity pro: Linux
If you're contemplating a career in cybersecurity and haven't come up to speed on Linux, now's the time to get ramped up and here's one easy way to do it. This new book from No Starch Press was written with people like you in mind. Authored by OccupyTheWeb, Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali provides everything from basic Linux command line skills through to scripting, manipulating logging, network scanning, using and abusing system services, and remaining stealthy in the process.

Why Linux is important to security

Because Linux is open source, tool developers (and you) have a level of access that is unsurpassed. Linux is transparent, and that means you can learn to manipulate it in ways that are not possible with most OSes. In addition (and undoubtedly for the reason just mentioned), most cybersecurity tools are written to run on Linux.

Network World Security
Jan 12, 2019

First step to becoming a hacker: Linux!
If you're contemplating a career in cybersecurity and haven't come up to speed on Linux, now's the time to get ramped up and here's one easy way to do it. This new book from No Starch Press was written with people like you in mind. Authored by OccupyTheWeb, the force behind Hackers-Arise, Linux Basics for Hackers provides everything from basic Linux command line skills through to scripting, manipulating logging, network scanning, using and abusing system services, and remaining stealthy in the process.

Why Linux? Because Linux is open source, tool developers (and you) have a level of access that is unsurpassed. Linux is transparent and this means that you can learn to manipulate it in ways that are not possible with most OSes. In addition (and undoubtedly for the reason just mentioned), most cybersecurity tools are written to run on Linux.

Network World Security
Jan 11, 2019

Oculeus anti-fraud offering protects against telecom system abuse
When most enterprise companies worry about having their systems hacked by attackers, the main concern is for the enterprise networks. Few companies consider that their phone systems may be vulnerable to hacking resulting in costly toll fraud. Nevertheless, the practice of hacking into corporate PBX systems and injecting fraudulent calls over the network is causing billions of dollars in damage worldwide every year.

Enterprise companies use modern PBX (private branch exchange) systems to run their communications. A PBX switches calls between enterprise users on local lines while allowing all users to share a certain number of external phone lines. Modern PBX systems work on the Session Initiation Protocol (SIP), which is a signaling protocol used for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications.

Network World Security
Jan 11, 2019

Exploring the economic realities of cybersecurity insurance | Salted Hash Ep 43
Guest host Juliet Beauchamp talks with senior writer J.M. Porup about the newly created cybersecurity insurance industry, and how a policy could fit into an organization's overall security strategy to help minimize risk.

Network World Security
Jan 10, 2019

How edge computing can help secure the IoT
Data created by Internet of Things (IoT) sensors must be secured better, say some. A simple password-on-device solution is no longer sufficient thanks to increasing data protection regulations, a new public awareness of tracking, and hugely proliferating devices. 

A new kind of architecture using Security Agents should be aggressively built into local routers and networks to handle IoT security and computation rather than offloading the number-crunching to a data center or the cloud, or indeed trying to perform it on the resource-limited IoT device, IEEE researchers say. In other words, IoT security should be handled at the network level rather than the device level for best results.

Network World Security
Jan 08, 2019

How ASLR protects Linux systems from buffer overflow attacks
Address Space Layout Randomization (ASLR) is a memory-protection process for operating systems that guards against buffer-overflow attacks. It helps to ensure that the memory addresses associated with running processes on systems are not predictable, thus flaws or vulnerabilities associated with these processes will be more difficult to exploit.

ASLR is used today on Linux, Windows, and MacOS systems. It was first implemented on Linux in 2005. In 2007, the technique was deployed on Microsoft Windows and MacOS. While ASLR provides the same function on each of these operating systems, it is implemented differently on each one.

The effectiveness of ASLR is dependent on the entirety of the address space layout remaining unknown to the attacker. In addition, only executables that are compiled as Position Independent Executable (PIE) programs will be able to claim the maximum protection from the ASLR technique because all sections of the code will be loaded at random locations. PIE machine code will execute properly regardless of its absolute address.

Network World Security
Jan 08, 2019

What does ASLR do for Linux?
Address Space Layout Randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks. It helps to ensure that the memory addresses associated with running processes on systems are not predictable and, thus, flaws or vulnerabilities associated with these processes will be more difficult to exploit. ASLR is used today on Linux, Windows and MacOS systems. It was first implemented on Linux in 2005. In 2007, the technique was deployed on Microsoft Windows and MacOS. While ASLR provides the same function on each of these operating systems, it is implemented differently on each OS.

The effectiveness of ASLR is dependent on the entirety of the address space layout remaining unknown to the attacker. In addition, only executables that are compiled as Position Independent Executable (PIE) programs will be able to claim the maximum protection from the ASLR technique because all sections of the code will be loaded at random locations. PIE machine code will execute properly regardless of its absolute address.

Network World Security
Jan 07, 2019

ICANN housecleaning revokes old DNS security key
The Internet Corporation for Assigned Names and Numbers (ICANN) this week will do some important housecleaning from its successful, first-ever cryptographic key change performed last October.

In October, ICANN rolled out a new, more secure root zone Key Signing Key -2017 (KSK-2017), but the process wasn't complete because the old key, KSK-2010, remained in the zone. On Jan. 10, ICANN will revoke the old key and remove it from the root zone. The KSK helps protect the internet's address book — the Domain Name System (DNS) — and overall Internet security.

Network World Security
Jan 07, 2019

ICANN housecleaning will revoke old DNS security key this week
The Internet Corporation for Assigned Names and Numbers will this week do some important housecleaning from its successful, first-ever cryptographic key change performed last October.

In October, ICANN rolled out a new, more secure root zone Key Signing Key -2017 (KSK-2017), but the process wasn't complete as the old key, KSK-2010, remained in the zone. On January 10, ICANN will revoke the old key and remove it from the root zone. The KSK helps protect the internet's address book - the Domain Name System (DNS) - and overall Internet security.

Network World Security
Jan 02, 2019

Six IoT predictions for 2019
This time of year, it can seem like the world is swimming in predictions for the new year, and the Internet of Things (IoT) is no exception. In fact, in fast-evolving areas like IoT, multitudes of trends and opportunities and challenges are in play, making predictions ridiculously easy — just about anything can happen, and probably will.

So, my goal here is to identify a set of IoT predictions that are both likely to happen … and likely to have a significant impact on the development and implementation of the technology.

Network World Security
Dec 21, 2018

Cisco patches a critical patch on its software license manager
Cisco this week said it patched a "critical" patch for its Prime License Manager (PLM) software that would let attackers execute random SQL queries.

The Cisco Prime License Manager offers enterprise-wide management of user-based licensing, including license fulfillment.

Released in November, the first version of the Prime License Manager patch caused its own "functional" problems that Cisco was then forced to fix. That patch, called ciscocm.CSCvk30822_v1.0.k3.cop.sgn, addressed the SQL vulnerability but caused backup, upgrade and restore problems, and should no longer be used, Cisco said.

Network World Security
Nov 30, 2018

10 of the coolest and wackiest tech stories of 2018
It's not necessarily easy to pick the coolest and wackiest tech stories of the year, especially when you have so much to choose from. Rather than trying to be all-inclusive as we have done in the past, we have tried to be more "exclusive." Have fun!

Network World Security
Nov 27, 2018

What will be hot for Cisco in 2019?
Software, software and more software. That seems to be the mantra for Cisco in 2019 as the company pushes software-defined WANs, cloud partnerships, improved application programs and its over-arching drive to sell more subscription-based software licenses.

As the year closed on Cisco's first quarter 2019 financials, the company was indeed touting its software growth, saying subscriptions were 57% of total software revenue, up five points year-over-year, and its application software business was up 18 percent to $1.42 billion. The company also said its security business, which is mostly software, rose 11 percent year-over-year to $651 million.

And that's not to mention the company's total product revenue was up 9% to $9.9 billion, which included a 9 percent growth in its switching and router business to $7.64 billion.

Network World Security
Nov 20, 2018

DNS over HTTPS seeks to make internet use more private
Unauthorized interception of DNS traffic provides enough information to ascertain internet users' thoughts, desires, hopes and dreams. Not only is there concern for privacy from nearby nosey neighbors, but governments and corporations could use that information to learn about individuals' internet behavior and use it to profile them and their organization for political purposes or target them with ads.

Efforts like the DNS Privacy Project aim to raise awareness of this issue and provide pointers to resources to help mitigate these threats.

Network World Security
Nov 16, 2018

Securing the IoT has become business-critical
The IoT era has arrived.

Here's some proof: 83% of organizations say the Internet of Things (IoT) is important to business today, and 92% say it will be in two years.

That's according to a recent DigiCert survey conducted by ReRez Research of 700 organizations in five countries to better understand the IoT and IoT security.

Anecdotally, I always find that markets have matured when it's no longer an unusual thing. For example, a few years ago, it was hard to find IoT deployments that were outside of the traditional machine-to-machine industries such as manufacturing and oil and gas. Today, connected things are everywhere. Case in point: I recently interviewed the IT director at an entertainment venue and he walked me through all the connected things without ever saying "IoT." The organization was connecting more things to improve customer experience, and it was treated as no big deal.

Network World Security
Nov 15, 2018

The perils of using voice commands with IoT machines
Earlier this week, German carmaker Volkswagen announced an upgrade to its VW Car-Net mobile app that lets iPhone users control their Golfs and Jettas using Siri commands. Specifically, iPhone users on iOS 12 can say, "Hey, Siri" to lock and unlock the car, check estimated range remaining, flash the warning lights, and toot the horn. You can also add Shortcuts to Siri with personalized phrases to start/stop charging, defrosting, and climate controls; set the temperature; and even ask, "Where is my car?"

Woo-hoo, pretty exciting right? Not in most cases, actually, but the announcement got me thinking about the limits and perils of voice commands in automotive applications.

Network World Security
Nov 15, 2018

Download Malwarebytes Today and Protect Your Data for Free
Everyone lives on the internet, period. Whether you're streaming a standup special on Netflix, answering emails from your boss, chatting on Tinder, or completing everyday errands like paying bills online, you're likely spending most of your day tangled up in the world wide web.

Unfortunately, that makes you a high-risk candidate for a cyber attack at some point along the way, be it through malware, phishing, or hacking. Best-case scenario, it sucks up your time to fix (or your money by paying someone else to fix it). Worst case scenario, it puts you and your computer out of commission for days and damages your files beyond repair. Not to mention the sheer terror of knowing some hacker has complete and total access to virtually everything about you, including all of your banking and credit card information. Malwarebytes is a free program built to help you avoid the above scenarios altogether — and it makes traditional antivirus look old, tired, and played out (seriously it's free,

Network World Security
Nov 13, 2018

GPUs are vulnerable to side-channel attacks
Computer scientists at the University of California at Riverside have found that GPUs are vulnerable to side-channel attacks, the same kinds of exploits that have impacted Intel and AMD CPUs.

Two professors and two students, one a computer science doctoral student and a post-doctoral researcher, reverse-engineered an Nvidia GPU to demonstrate three attacks on both graphics and computational stacks, as well as across them. The researchers believe these are the first reported side-channel attacks on GPUs.

A side-channel attack is one where the attacker uses how a technology operates, in this case a GPU, rather than a bug or flaw in the code. It takes advantage of how the processor is designed and exploits it in ways the designers hadn't thought of.

Network World Security
Nov 13, 2018

Get 90% Off Your First Year of RemotePC, Up To 50 Computers for $6.95
iDrive has activated a significant discount on its remote access software RemotePC in these days leading into Black Friday. RemotePC by iDrive is a full-featured remote access solution that lets you connect to your work, home or office computer securely from anywhere, and from any iOS or Android device. Right now, their 50 computer package is 90% off or just $6.95 for your 1st year. If you've been thinking about remote access solutions, now is a good time to consider RemotePC.

Network World Security
Nov 09, 2018

What is Transport Layer Security (TLS)?
Despite the goal of keeping Web communications private, flaws in the design and implementation of Transport Layer Security have led to breaches, but the latest version - TLS 1.3 - is an overhaul that strengthens and streamlines the crypto protocol.

What is TLS?

TLS is a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions. It is an IETF standard intended to prevent eavesdropping, tampering and message forgery. Common applications that employ TLS include Web browsers, instant messaging, e-mail and voice over IP.

Network World Security
Nov 02, 2018

What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade
The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.

The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit the Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.

Network World Security
Nov 02, 2018

What is WPA3? Wi-Fi security protocol strengthens connections
The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.

The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit the Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.

Network World Security
Oct 30, 2018

What is a firewall? How they work and all about next-generation firewalls
A firewall is a network device that monitors packets going in and out of networks and blocks or allows them according to rules that have been set up to define what traffic is permissible and what traffic isn't.

There are several types of firewalls that have developed over the years, becoming progressively more complex over time and taking more parameters into consideration when determining whether traffic should or should not be allowed to pass. The most modern are commonly known as next-generation firewalls (NGF) and incorporate many other technologies beyond packet filtering.

Initially placed at the boundaries between trusted and untrusted networks, firewalls are now also deployed to protect internal segments of networks, such as data centers, from other segments of organizations' networks.

Network World Security
Oct 30, 2018

The recent right-to-repair smartphone ruling will also affect farm and industrial equipment
Last week, the tech press made a big deal out of a ruling by the Librarian of Congress and the U.S. Copyright Office to allow consumers to break vendors' digital rights management (DRM) schemes in order to fix their own smartphones and digital voice assistants. According to The Washington Post, for example, the ruling — which goes into effect Oct. 28 — was a big win for consumer right-to-repair advocates. 

Network World Security
Oct 30, 2018

Right-to-repair smartphone ruling loosens restrictions on industrial, farm IoT
Last week, the tech press made a big deal out of a ruling by the Librarian of Congress and the U.S. Copyright Office to allow consumers to break vendors' digital rights management (DRM) schemes in order to fix their own smartphones and digital voice assistants. According to The Washington Post, for example, the ruling — which goes into effect Oct. 28 — was a big win for consumer right-to-repair advocates. 

Network World Security
Oct 23, 2018

The best enterprise level firewalls: Rating 10 top products
You know you need to protect your company from unauthorized or unwanted access. You need a network-security tool that examines the flow of packets in and out of the enterprise, governed by rules that decide whether that flow is safe, malicious or questionable and in need of inspection. You need a firewall.

Recognizing that you need a firewall is the first, and most obvious, step. The next crucial step in the decision-making process is determining which firewall features and policies best suit your company's needs.

Today's enterprise firewalls must be able to secure an increasingly complex network that includes traditional on-premises data center deployments, remote offices and a range of cloud environments. Then you have to implement and test the firewall once it's installed. Perhaps the only element more complex than configuring, testing and managing a next-generation firewall is the decision-making process regarding which product to trust with your enterprise security.

Network World Security
Oct 18, 2018

How to use the Shodan search engine to secure an enterprise's internet presence
Shodan, a search engine for all ports within the internet, can help enterprises identify and lock down security vulnerabilities. Senior writer J.M. Porup and content producer Juliet Beauchamp talk through the security scenarios.

Network World Security
Oct 12, 2018

ICANN's internet DNS security upgrade apparently goes off without a glitch
So far so good. That's the report from the Internet Corporation for Assigned Names and Numbers (ICANN) as it rolled out the first-ever changing of the cryptographic key that helps protect the internet's address book - the Domain Name System (DNS) - on Oct. 11.

The change is central to ICANN's project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol, commonly known as the root zone key signing key (KSK), which secures the Internet's foundational servers. This so-called root KSK rollover from the 2010 KSK to the 2017 KSK was supposed to take place almost a year ago but was delayed until Oct. 11 of this year because of concerns it might disrupt internet connectivity to significant numbers of web users.


Network World Security
Oct 12, 2018

How secure are electronic voting machines? | Salted Hash Ep 48
With the midterm elections looming, electronic voting machines are getting increased scrutiny. J.M. Porup, senior writer at CSO, sits in the host's chair this episode, breaking down the security risk with content producer Juliet Beauchamp.

Network World Security
Oct 12, 2018

Regulating the IoT: A conversation with Bruce Schneier | Salted Hash Ep 49
Security expert and author Bruce Schneier talks with senior writer J.M. Porup about the widespread use of connected chips -- allowing hackers to access cars, refrigerators, toys and soon, even more home consumer items.

Network World Security
Oct 12, 2018

Talking DerbyCon, Chinese whispers and Google's data breach | Salted Hash Ep 47
Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach.

Network World Security
Oct 12, 2018

Talking DerbyCon, spy chip whispers and Google's data breach | Salted Hash Ep 47
Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach.

Network World Security
Oct 11, 2018

Mingis on Tech: Data breaches in a world of 'surveillance capitalism'
Facebook and Google recently acknowledged data breaches affecting millions of users. This won't be the last time that happens. CSO's J.M. Porup and Computerworld's Ken Mingis examine what's really going on.

Network World Security
Oct 04, 2018

IDG Contributor Network: Identity awareness: it's more than just a packet
It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time, as a network engineer, I had five floors to look after.

Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels, if they were in the same subnet, they were all treated the same.


Network World Security
Oct 01, 2018

Cisco sets $2.3B deal for unified access, multi-factor authentication security firm Duo
Cisco said today it had closed the $2.35 billion deal it made for network identity, authentication security company Duo.

According to Cisco, Duo's zero trust security model authorizes secure connections to all applications based on the trustworthiness of users and devices. Duo's cloud-delivered technology lets IT professionals set and enforce risk-based, adaptive access policies and get enhanced visibility into users' devices and activities. As more devices come onto the network remotely, this issue takes on more importance.

"Outdated devices are particularly vulnerable to being compromised, which can easily spiral into a full-blown, major breach," wrote Richard Archdeacon, Duo Advisory CISO, about a recent Duo study on remote access security. "Organizations don't necessarily need to block individuals from using their personal devices, but they do need to re-shape their security models to fit these evolving working practices… If you don't know what's connecting to the network, how can you protect data from being compromised?"


Network World Security
Sep 27, 2018

Cisco unearths 13 "High Impact" IOS vulnerabilities you need to patch now
Cisco today exposed 13 vulnerabilities in its IOS and IOS XE switch and router operating software that the company said should be patched as soon as possible.

The vulnerabilities were detailed in Cisco's twice-yearly dump of IOS exposures. All have a High Impact security rating and fixes should be evaluated by users quickly.

The company said this particular batch of issues could let an attacker gain elevated privileges for an affected device or cause a denial of service (DoS) on an affected device.


Network World Security
Sep 21, 2018

Apple's dropping Back To My Mac Remote Access. Here's an Alternative, Currently Discounted.
Apple is dropping the Back To My Mac remote access feature, and in a recent support document they urge you to be prepared by looking for alternatives.

RemotePC by iDrive is a full-featured remote access solution that lets you connect to your work or office computer securely from anywhere, and from any iOS or Android device. Right now, their 50 computer package is 90% off or just $6.95 for your 1st year. So if you need an alternative to Back To My Mac, or have been thinking about remote access, now is a good time to consider RemotePC.



Network World Security
Sep 19, 2018

ICANN sets plan to reinforce Internet DNS security
In a few months, the Internet will be a more secure place. 

That's because the Internet Corporation for Assigned Names and Numbers (ICANN) has voted to go ahead with the first-ever changing of the cryptographic key that helps protect the Internet's address book, the Domain Name System (DNS).

The ICANN Board, at its meeting in Belgium this week, decided to proceed with its plans to change or "roll" the key for the DNS root on October 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010.


Network World Security
Sep 07, 2018

IDG Contributor Network: Visibility is key for devops and the hybrid cloud
Cloud has undoubtedly become a key component of successful business in recent years, especially when you consider the race to digitally transform. Across the globe, companies are moving their applications and services to the cloud and are consequently reaping the benefits of lower capex and opex.

However, cloud migration is only a beginning for any organization's digital transformation (DX) journey. If harnessed correctly, cloud is a pillar of innovation for DX, and can be a driving force for new business models and use cases that, even a few years ago, weren't possible. No one knows this better than devops teams; these teams hold the line when it comes to continuous delivery and deployment, and it therefore stands to reason that devops plays a crucial role in the digital transformation journey. In practice, however, the decision makers in charge of cloud strategies are rarely those in the bowels of the ship.


Network World Security
Sep 05, 2018

What to expect when the Internet gets a big security upgrade
Ready or not, the upgrade to an important Internet security operation may soon be launched. Then again, it might not.

The Internet Corporation for Assigned Names and Numbers (ICANN) will meet the week of September 17 and will likely decide whether or not to give the go-ahead on its multi-year project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol, commonly known as the root zone key signing key (KSK), which secures the Internet's foundational servers.

Changing these keys and making them stronger is an essential security step, in much the same way that regularly changing passwords is considered a practical habit by any Internet user, ICANN says. The update will help prevent certain nefarious activities such as attackers taking control of a session and directing users to a site that, for example, might steal their personal information.


Network World Security
Aug 31, 2018

VirusTotal Intelligence, a search engine for malware | Salted Hash Ep 45
In this episode, host Steve Ragan talks with Karl Hiramoto, technical solutions consultant for VirusTotal, maker of VirusTotal Intelligence, a searchable detection tool for malware.

Network World Security
Aug 28, 2018

VMware sharpens security focus with vSphere Platinum, 'adaptive micro-segmentation'
VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.

"Our flagship VMware vSphere product now has AppDefense built right in," VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. "Platinum will enable virtualization teams - you - to give an enormous contribution to the security profile of your enterprise."

Announced one year ago, AppDefense is VMware's data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application's intended state.


Network World Security
Aug 23, 2018

Detecting bot attacks | Salted Hash Ep 44
In this episode, host Steve Ragan talks with Engin Akyol, CTO at Distil Networks, at the Black Hat 2018 conference, about bot account takeovers and how they can be detected.

Network World Security
Aug 20, 2018

IDG Contributor Network: Security serves as an essential component to growing an enterprise with SD-WAN
As enterprises endeavor to expand domestic and global footprints, agile network infrastructure connectivity across geographies continues to prove an ongoing challenge. In particular, ensuring that data shared over these networks is protected from unauthorized access is a primary directive in today's evolving cyber threat landscape. These often-contradictory demands call for IT decision makers to invest in innovation that will facilitate network flexibility and agility without compromising security, productivity or performance.

This challenge begs a simple question. How can a WAN deliver the flexibility and agility necessary to help an organization grow without increasing exposure to data breaches and other security problems? After all, if the cost of convenience is increased network vulnerabilities, can it be considered a sound approach?


Network World Security
Aug 17, 2018

What is Nmap? Why you need this network mapper
Network administrators, IT managers and security professionals face a never-ending battle, constantly checking on what exactly is running on their networks and the vulnerabilities that lurk within. While there is a wealth of monitoring utilities available for network mapping and security auditing, nothing beats Nmap's combination of versatility and usability, making it the widely acknowledged de facto standard.

What is Nmap?
Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.


Network World Security
Aug 16, 2018

How to protect your infrastructure from DNS cache poisoning
Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business's web presence goes down.

DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.

You hope that when you type a domain name, you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.


Network World Security
Aug 15, 2018

How the L1 Terminal Fault vulnerability affects Linux systems
Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or "L1 Terminal Fault" is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?

L1TF, L1 Terminal Fault, and Foreshadow
The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).

This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.


Network World Security
Aug 10, 2018

Blue Team Village, DEF CON 2018 | Salted Hash Ep 43
Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.

Network World Security
Aug 09, 2018

The rise of next-generation network packet brokers
Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called "tool sprawl" where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.

Ideally, every tool would receive information from every network device, enabling it to have a complete view of what's happening, who is accessing what, where they are coming in from, and when events occurred.


Network World Security
Aug 08, 2018

Chip maker TSMC will lose millions for not patching its computers
Taiwanese chip-making giant Taiwan Semiconductor Manufacturing Co. (TSMC), whose customers include Apple, Nvidia, AMD, Qualcomm, and Broadcom, was hit with a WannaCry infection last weekend that knocked out production for a few days and will cost the firm millions of dollars.

Most chip companies are fabless, meaning they don't make their own chips. It's a massively expensive process, as Intel has learned. Most, like the aforementioned firms, simply design the chips and farm out the manufacturing process, and TSMC is by far the biggest player in that field.

CEO C.C. Wei told Bloomberg that TSMC wasn't targeted by a hacker; it was an infected production tool provided by an unidentified vendor that was brought into the company. The company is overhauling its procedures after encountering a virus more complex than initially thought, he said.

