Most people working for organizations have been exposed at some point in their careers to security awareness programs. Some of these programs are well-executed and delivered, while others consist of a disinterested security person talking through slides for 45 minutes. I’ve seen many good security awareness programs over the years, and at the same time, […]
KPMG: Cyber Security Risk Is Now No. 1 Threat To Growth
KPMG in the UK just released their CEO 2021 Outlook Pulse Survey where global leaders were asked about their 3-year outlook. CEOs of the world’s most influential companies are planning what a return to ‘normal’ will look like. Nearly half (45 percent) expect normality to resume in 2022, with only one-third (31 percent) anticipating a […]
Top Predictions in Service Provider Networks for 2021
The Fanciful and Serious Predictions of Post-pandemic Impact 2020 has been a challenging year for the entire world. Between the pandemic, shutdowns, wildfires and other natural disasters, most of us will look forward to a new year in 2021. Here are a few light-hearted predictions plus some more thoughtful reflections on what’s to come in […]
What’s so bad about the NXNSAttack DNS Amplification Attack?
How did NXNSAttack Against DNS Services get Noticed? In May 2020, the NXNSAttack was identified as a new DDoS attack on DNS servers by the cybersecurity researchers at Tel Aviv University. The NXNSAttack exploits the vulnerability at recursive DNS resolvers and triggers an amplification attack to other recursive DNS servers and authoritative DNS servers by […]
IT security: Disrupting the cybersecurity kill chain by detecting domain reconnaissance
Cyberattacks are a growing threat, and organizations are investing time and money in security strategies to make certain that their infrastructures are secure. Active Directory (AD) is a constant target for compromise, as it’s at the core of any organization’s security — it handles authentication and authorization for all users in an organization. Hardening the […]
IT security: PowerShell as a cyberattack tool
Tools and features introduced with the intention of benefiting and empowering an organization can sometimes end up being misused. PowerShell is a classic example. PowerShell is a more powerful command-line interface that combines the old Command Prompt (CMD) functionality with a built-in scripting environment that can be leveraged to gain unprecedented access to a machine’s […]
Five worthy reads: Insider threats—what’s in the cards for 2020?
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore the growing landscape of insider threats, and what organizations could do to equip themselves against these threats in 2020. Insider threats are increasingly becoming common knowledge among organizations preparing to foolproof their […]
Next Generation Firewalls May Not Stop Malware
Best Defense Against Malicious Encrypted Traffic Bad actors and malicious insiders are concealing threats in encrypted traffic in an attempt to steal sensitive data. In fact, it is predicted that as much as 70% of cyberattacks will use encryption as part of their delivery mechanism by 2019. Meanwhile, the use of encryption is growing rapidly. […]
What Are You Doing to Inspect Encrypted Traffic? [Video]
Adversaries are using sophisticated tactics to bypass security defenses and infiltrate networks. Along with employing HTTPS, they’ve begun using SSH and other advanced protocols for data exfiltration. SSH, for example, is often used for remote management access because it performs well. Adversaries now use remote desktop protocol (RDP) and data exfiltration over SSH. And when […]
Security for Intent-Based Networking
Networks have become more massive and complex than ever before. This year at Cisco Live US, people were talking about managing and defending networks at scale. Chuck Robbins, CEO of Cisco, said that 2.1 billion machine-to-machine connections have been added to the internet in the past year, and 27 billion more connections are expected to […]