Discover Network Security News
Segmenting for security: Five steps to protect your network
Relying on a DMZ to protect your network and data is like putting money in a bank that depends on one guard and a single gate to secure its deposits. Imagine how tempting all those piles of money would be to those who had access
Exploiting MS14-068 - just another pentest
This is a short post on how to exploit MS14-068 on Linux. This came up on my recent internal infrastructure engagement. The primary DC was a vulnerable Windows 2008 R2 SP1 server.
How the cloud is changing the security game
Cloud computing offers many advantages, but with those benefits come a new range of security concerns.
DDoS attackers turn fire on ISPs and gaming servers
DDoS attackers seem to have switched their attention from banks to gaming hosts, ISPs and even enterprises, half-year figures from Chinese mitigation vendor NSFOCUS have confirmed.
Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying
The National Security Agency has some of the brightest minds working on its sophisticated surveillance programs, including its metadata collection efforts. But a new chat program designed by a middle-school dropout in his spare time may turn out to be one of the best solutions to thwart those efforts.
Cloud security: We're asking the wrong questions
In the wake of the celebrity photo breach, the media is humming with stories disparaging the safety of the cloud. Many longtime cloud critics are crowing, "I told you so!" and waiting for the world to go back to on-premises solutions only.
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Researchers Rob Ragan and Oscar Salazar have built a free LiteCoin-mining botnet that generates $US1750 a week using free cloud signup promotions.
Attackers raid SWISS BANKS with DNS and malware bombs
Attackers suspected of residing in Russia are raiding Swiss bank accounts with a multi-faceted attack that intercepts SMS tokens and changes domain name system settings, researchers have warned.
Evernote, Deezer and Feedly fess up to DDoS attacks
EVERNOTE, DEEZER AND FEEDLY have revealed that they have been struck by hackers, with the firms admitting on Tuesday to having suffered distributed denial of service (DDoS) attacks.
Want 'perfect' security? Then threat data must be shared
Here's a surprise for you: We actually have a fairly good understanding of who is attacking us on the Internet and why. Various entities know not only which groups are doing the attacking, but also the names of the people in those groups. They know where they live, who their family members are, where they went to school, and when they go on vacation.
DNS-Based Amplification Attacks Key on Home Routers
DNS providers Nominum have published new data on DNS-based DDoS amplification attacks that are using home and small office routers as a jumping off point.
Hypervisors: The cloud's potential security Achilles heel
A cloud is only as secure as the hypervisors that support its virtual machines and how secure are those? That's a darn good question and one we tend to avoid looking at.
Hackers hijack 300,000-plus wireless routers, make malicious changes
Researchers said they have uncovered yet another mass compromise of home and small-office wireless routers, this one being used to make malicious configuration changes to more than 300,000 devices made by D-Link, Micronet, Tenda, TP-Link, and others.
DDoSing a Cell Phone Network
The HLR/AuC is considered to be one of the most important network elements of a 3G network. It can serve up to five million subscribers and at least one transaction with HLR/AuC is required for every single phone call or data session.
Don't be a DDoS dummy: Patch your NTP servers, plead infosec bods
Security researchers have responded to recent denial of service attacks against gaming websites and service providers that rely on insecure Network Time Protocol servers by drawing up a list of vulnerable systems.
Cloud-based security services poised for rapid growth
The rush of businesses to move their operations to the cloud is creating a slipstream that's pulling security services into the nimbus.