Network News, Articles and Updates

SC Congress 2018: What's happening on your network?

Not knowing who or what is on your network is leaving organisations vulnerable to cyber-crime including ransomware. Although there are technical issues, training and personnel is a bigger problem.

Final Fantasy network recovers after losing health points to DDoS attack

The network hosting the role-playing video game Final Fantasy XIV experienced significant disruptions for three hours on 5 February as the result of a distributed denial of service (DDoS) attack.

Active Directory attack could enable malicious domain controller set up

DCShadow attack allows installation of backdoor. Hackers could set up their own fake domain controller in an existing corporate network to distribute malware and leave a backdoor.

Grey's Anatomy resolves hospital hacker plot, security experts analyse plot

Previously on Grey's Anatomy... Grey Sloan Memorial Hospital's network was taken over by a hacker who demanded millions in Bitcoin, in what was essentially a ransomware attack.

Google's DoubleClick network exploited to serve cryptominers

A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.

Securing the future of IoT; poor implementation will weaken security

IoT is part of a fundamental shift forward in enterprise networking - towards a cloud-enabled 'consume' approach - and yet most companies plan to implement IoT in a way that parallels an outdated way of 'DIY' networking.

Cyber-attack shuts down US Regional Hospital's online system

A cyber-attack that left computer screens at Hancock Regional Hospital in Greenfield, Indiana, USA, with a ransom message for bitcoin has caused the entire network at the hospital to go offline to stop damage to data of the patients.

Hackers use NSA exploits to mine Monero

Zealot campaign used Eternalblue and Eternalsynergy to mine Monero cryptocurrency on networks.

Understanding the threat of privilege identity theft

You'd think hackers will attempt social engineering exploits on your privileged users. In reality, it is more likely they will aim for a softer initial target. But once within the network, hackers will move onto their true target, the privileged user.

A postmortem of the Grey's Anatomy ransomware episode: Accurate or not?

In the mid-season finale of Grey's Anatomy, titled "Out of Nowhere," Grey-Sloan Memorial Hospital itself was on life support after its network became infected with ransomware - how realistic was the portrayal?

The evolution of analytics in threat detection

Cyber threats are evolving quickly. Fortunately, so is incident detection and response (IDR), powered by data explains Eric Sun, with techniques such as honeypots identifying suspect behaviour.

Will IETF proposal be the end of enterprise middlebox traffic snooping?

Is the ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and more broadly network security?

Equifax hackers likely in network from March - 141 days before discovery

It took Equifax 141 days to discover a breach that exposed the data of 143 million US consumers with hackers likely accessing the credit monitoring firm's systems in March, a full two months before Equifax originally said they did.

'ShadowPad' attack sabotaged NetSarang software with backdoor

Attackers secretly modified at least five software packages distributed by network connectivity and server management solutions provider NetSarang in order to infect its business users with modular backdoor spyware.

Cyber due-diligence now forms an essential part of M&A planning

As cyber-concerns make their way up the boardroom agenda, companies involved in mergers and acquisitions are increasingly conducting cyber due-diligence.

RSA 2016: Gartner Tries To Demystify Security Analytics

With more companies adding tools that significantly increase the data flows used to analyse network traffic, a mythology seems to have been created surrounding security analytics according to Anton Chuvakin, research vice president at Gartner.

'Devastating flaws' in Kerberos authentication protocol

Security watchers warn of authentication and authorisation flaws in Windows network environments

Securing your organisation from insider threats

Living in a networked world has its advantages, but it also leaves organisations vulnerable to exploitation by malware, inadvertent employee actions and malicious attacks, says Salo Fajer

Is your app secure? Probably not

App vulnerabilities need to be thought about holistically, so the network and database in which they reside also need to be considered says Josh Shaul.

Poor measurement leaves networks dangerously open to attack

The ever-changing threat landscape is causing problems, with many business networks unable to keep up with the pace of innovation, argues Gavin Millard.

More questions than answers as BBC outage fuels DDoS talk

The British Broadcasting Corporation was hit by a prolonged outage on its website and iPlayer video-on-demand service (VOD) last weekend, raising questions about the cause and whether it was subjected to a distributed-denial-of-service (DDoS) attack.

'Complacency' to blame for undetected data breaches

A new study from IT governance reveals that a half of IT staff believe that their company may have suffered a data breach without it being detected.

Using analytics to secure your network

Knowing what's normal on the network will help identify attacks says Dirk Paessler

Monitoring the modern network environment

Importance of network visibility increases as complexity of modern enterprise networks increases: Enterprise Strategy Group survey.

Forrester report says firms spend 21% of security budget on networks

Corporates need to invest in the human firewall - Forrester analyst

Get people, privacy and policy correct before allowing collaborative working via mobiles

Managing control and compliance of mobile is key to collaborative working.

Getting the knack of NAC

De-perimeterisation, wireless, mobility and sophisticated threats have rejuvenated the adoption of network access control (NAC) technologies.

Deperimeterisation - nine years on

January 2014 will mark ten years since the Jericho Forum announced its concept of 'deperimeterisation', with regards to network IT.