Network Security
Network Security | News, how-tos, features, reviews, and videos
Hashcat explained: Why you might need this password cracker
Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies.
Updated
Best new Windows 10 security features: Passwordless authentication, Chromium-based Edge support
Here's what you need to know about each security update to Windows 10 as they roll out from Microsoft. Now updated for the 2004 feature release.
Attacks against internet-exposed RDP servers surging during COVID-19 pandemic
Two new reports show a dramatic increase in cyber attacks that target open RDP ports as more people work remotely.
4 tips for protecting users from COVID-19-targeted attacks
Remote users in particular are vulnerable to coronavirus-themed phishing attempts, malicious domains, and repurposed malware. Protect them with these basic steps.
Google enters zero-trust market with BeyondCorp Remote Access offering
Google makes its internal zero-trust access infrastructure available to anyone on a subscription basis as an alternative to VPNs.
SOC analyst job description, salary, and certification
A SOC analyst is a cybersecurity professional who works as part of a team to monitor and fight threats to an organization's IT infrastructure, and to assess security systems and measures for weaknesses and possible improvements.
Threat modeling explained: A process for anticipating cyber attacks
Threat modeling is a structured process through which IT pros can identify potential security threats and vulnerabilities, quantify the seriousness of each, and prioritize techniques to mitigate attack and protect IT resources.
Attack campaign hits thousands of MS-SQL servers for two years
Newly discovered Vollgar attack uses brute force to infect vulnerable Microsoft SQL servers at a high rate.
Securing Windows and Office in a time of COVID-19: update policies, remote options
Delayed updates and a rush to support remote workers have forced IT and security teams to scramble. This information and advice will help them better deal with the crisis.
COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale
A zero-trust model addresses many of the security concerns around supporting large numbers of remote workers, and new vendor free trials make fast deployment possible.
Open-source options offer increased SOC tool interoperability
Too many security tools in your SOC, and none of them talk to each other, but new vendor-supported open-source projects might lead to greater interoperability.
Lack of firmware validation for computer peripherals enables highly persistent attacks
Vulnerabilities in unvalidated peripheral firmware such as WiFi adapters, cameras, and network interface controllers give attackers control over systems.
Backdoors and Breaches incident response card game makes tabletop exercises fun
New Backdoors and Breaches card game makes it easy to build a random, realistic incident as part of a tabletop exercise.
Updated
Security software reviews, 2019: Lab tests of today's top tools
We go hands-on with some of the most innovative, useful and, arguably, best security software on the market.
Global threat groups pose new political and economic dangers
Nation-state players in Iran, North Korea, Saudi Arabia and Russia are getting new objectives and changing strategies, say experts.
Misconfigured WS-Discovery in devices enable massive DDoS amplification
Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible.
New NetCAT CPU side-channel vulnerability exploitable over the network
NetCAT takes advantage of Intel DDIO technology to remotely execute keystroke timing attacks.
