Who’s on your network? What’s on your network? These questions never change, but the ways we get to meaningful answers are always evolving. Providers of network visibility solutions are constantly upgrading their capabilities to detect threats and enable rapid, effective responses to network security incidents.
Choosing a virtual private network (VPN) can be difficult. Besides selecting a VPN provider, users must also choose between a paid VPN and a free VPN, among other factors. Simply picking a seemingly “free” VPN can have consequences ranging from having information logged and sold to advertisers, which may defeat the purpose of using a VPN in the first place, to having the VPN used as a portal to deliver malware to your device.
VPNs are the primary tool for securing remote access, but recently disclosed vulnerabilities point out the weakness of relying on them as the only tool.
It has been reported that the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North Korean APT group Lazarus. According to the MAR AR19-100A advisory published on the US-CERT website, the new Trojan was detected while tracking the malicious cyber activity of the North Korean-backed hacking group HIDDEN COBRA (also known as Lazarus, Guardians of Peace, ZINC, and NICKEL ACADEMY).
Hackers have been breaking into home routers to change DNS server settings and hijack the traffic to redirect it to malicious sites, according to Troy Mursch, security researcher for Bad Packets.
Critical infrastructure operates so much in the back of our minds that it often doesn’t seem that critical. But yet another report on the cyber vulnerabilities of critical infrastructure suggests it ought to be a bit more up front.
Enterprises have a password problem, and it’s one that is making the work of hackers a lot easier. From credential stuffing to brute force and password spraying attacks, modern hackers don’t have to do much hacking in order to compromise internal corporate networks. Instead, they log in using weak, stolen, or otherwise compromised credentials.
Taking advantage of recent stolen credential dumps, attackers have been exploiting legacy protocols like IMAP to engage in high-volume password-spraying campaigns for the purpose of breaking into companies’ cloud accounts, researchers at Proofpoint are reporting.
Bob Noel had an opportunity to speak with Charlene O’Hanlon, with Digital Anarchist, during RSA 2019 about the future of security and the value of NetOps and SecOps collaboration.
Plixer wins Editor’s Choice Award for Network Security and Management at the RSA Conference 2019.