No one can completely avoid risk when it comes to their network security, but there are steps that you can take to minimize your organization's vulnerability. In this blog post, we will discuss 10 ways to reduce your network security risk.
A few weeks ago, a cybersecurity analyst unexpectedly discovered that he could dump files from the hotel network system where he was staying in Qatar to his own computer using the sync tool (used for file synchronization). Through an HSMX Gateway, he managed to access a welter of sensitive data held on an FTP server used for backup purposes. This included personal information on guests such as their room numbers, emails, and cell phone numbers.
In our new threat briefing report, Forescout’s Vedere Labs presents the most detailed public technical analysis of Industroyer2 and INCONTROLLER (also known as PIPEDREAM), the newest examples of ICS-specific malware that were disclosed to the public almost simultaneously, on April 12 and 13. Thankfully, both Industroyer2 and INCONTROLLER were caught before causing physical disruption.
Digital transformation has ushered in interconnected networks that enable information sharing and collaboration. That’s great for efficiency and productivity, but many networks are flat, leaving organizations susceptible to cyberthreats that can move laterally, even across distributed environments, enabling hackers to exploit openings and pivot into their most valuable data.
BPF (not eBPF), typically viewed from a defender/sysadmin’s perspective, provides easy access to network packets and the ability to take actions via programs written based on custom filters BEFORE they ever reach a (local) firewall. This same power, according to the PWC report and pending conference talk, was leveraged by a threat actor named Red Menshen, where the attackers have used BPFDoor technique to gain stealthy remote access to compromised devices from at least 2018 to the present.
People commonly think that any “Internet Connection” is exactly the same, or they may be vaguely aware that some connections are faster than others. However, there are significant differences between the connections. While these differences may not matter to someone who just wants to browse websites and read email, they can be significant or even showstoppers for more advanced users or s. This is especially true for anyone looking to do security testing or vulnerability scanning.
