Why should your endpoints be an important part of your network security strategy? Because even though they are out in the wild, endpoints are part of your network! We really should stop viewing endpoint devices as being separate from the rest of the network. … [Read more...] about More on Endpoint Visibility: Mobile Security and Your Network Security Strategy
Cybersecurity is never easy, but maintaining a secure small business network is arguably even harder because the IT team has far fewer staff. Even high-stakes networks, such as those in hospitals or schools, are often managed by a single person. In situations like … [Read more...] about How to Maintain a Secure Small Business Network (Even When You Work Alone)
Earlier today, the newest Distributed Denial of Service attack vectors, such as memcached and CLDAP, came up during a customer’s training session. It sparked quite a few interesting discussions, and I was asked if we could monitor CLDAP traffic with NetFlow. … [Read more...] about How to Monitor CLDAP Traffic with NetFlow
Microsegmentation refers to the use of software to secure traffic between virtual machines (VMs) within virtualized data centers. Virtualization has increased organizations’ agility and efficiency while reducing cost. The ease and speed at which new applications … [Read more...] about Three Microsegmentation Challenges Facing NetOps and SecOps
In the wake of recent vulnerabilities with memcached, Distributed Reflection Denial of Service (DRDoS) is currently the focus of public attention. This technique has generated some of the largest attacks seen to date. This blog will cover how you can … [Read more...] about What is Distributed Reflection Denial of Service?
To detect a phishing scam, we typically examine hyperlinks for odd domains or subtle character changes (like a “1” in place of an “I”). But suppose a bad link looked completely normal, or perfectly mimicked one you often visit? The traditional detection … [Read more...] about Unicode Domain Phishing Attacks: Can You Spot the Difference?
Screen sharing applications have changed the landscape of the modern office. These tools allow users to remotely control another PC and receive image data that represents what the local user would see on their monitor. This greatly simplifies telecommuting, … [Read more...] about Identify Screen Sharing Network Traffic
In the past month I have been on a couple of support calls where Locky ransomware came up. Locky sounded familiar but wasn’t a topic I had yet tackled with any customers. So I took to Google and what I found was surprising. Pages of recent articles surrounded … [Read more...] about How I Used Behavioral Analytics to Track Locky
While we have supported Gigamon reports for a couple of years, we now leverage the SSL information pulled from Gigamon flows. This enables you to run a series of reports that provide context-rich SSL information. … [Read more...] about Uncovering SSL Vulnerabilities with Gigamon Metadata Exports
Much advice about avoiding malware revolves around only clicking links from trusted sources. Unfortunately, it gets harder all the time to determine who and what is a trusted source. Malware is more insidious than ever. Below, I've found some recent instances … [Read more...] about Protecting Yourself from Hidden Malware