At its core, DNS is what makes the internet work. Without it, everyone would need to remember the IP address of every website they wanted to visit, and content delivery networks would work because their anycast approach to IP would prevent dynamic association when a request is made to the IP address. Put simply, DNS makes it easy and affordable for websites to exist without those sites needing to own their own IP address. However, this easy and affordable approach is also what makes DNS a potential security vulnerability for organizations.
Read moreAuthor: Justin
Justin Jett is Director of Audit and Compliance at Plixer with roles ranging from system administration of web services to technical product marketing for Plixer’s incident response system, Scrutinizer. Jett, a graduate of the University of Maine at Farmington, is an avid learner of all things security, with a particular interest in TLS and DNS attacks.
Preparing for the next threat
Posted on - by Justin
It’s safe to say organizations have had their fair share of cyber attacks this past year—from threats discovered early last year with VMware (CVE-2021-21985 and CVE-2021-21972), which provided access to compromised environments and sensitive data, to the Apache Log4j vulnerability, which sent IT professionals scrambling to patch every system that might have a vulnerable release installed. These incidents don’t even touch threats like ransomware, which compromised the Colonial Pipeline network and forced gas prices to skyrocket above $3 a gallon for the first time in seven years—we’d all appreciate $3 a gallon these days! The year has been fraught with security challenges and the outlook continues to be troubling for the remainder of the year.
Read moreWhen EDR isn’t enough, be glad you have NDR
Posted on - by Justin
When tools that were created to help security teams simulate attacks are used by the attackers, you know there’s a problem. But that’s exactly what’s happened in recent news where the Brute Ratel C4 (BRc4) red-teaming and adversarial attack simulation tool was used by nation-state attackers to evade detection.
Read moreThe importance of network device discovery
Posted on - by Justin
Market research consulting firm Frost & Sullivan’s recent analysis found that enterprises were becoming more vulnerable to cyberattacks due to an expanded attack surface increase by “multiple touchpoints through an open network and easy accessibility to database[s] and applications.” As users join and leave the network from myriad devices, organizations need a way to improve their security posture without significantly increasing costs. But as the threat surface grows, what can organizations do to reduce risk?
Read moreProtect your network from Log4j and future vulnerabilities
Posted on - by Justin
Earlier this month, a vulnerability in the Apache Log4j logging framework was disclosed. The zero-day vulnerability was published by Alibaba Cloud’s security team as was called Log4Shell (CVE-2021-44228).
To protect business-critical applications and prevent remote code execution, which could give unfettered access to the hacker, businesses need to understand how to protect themselves from such attacks while patching vulnerable systems.
Read more