Networks

Cloud security study reveals: over 50% of system failures are caused by human error and mismanagement

The past few years have witnessed a rapid surge in the use of SaaS applications across various industries. But with this growth comes a significant challenge: managing security and assessing risk in application connectivity.

What is NFV

In today's fast-paced digital landscape, businesses proactively seek innovative ways to optimize their networks, enhance operational efficiency, and reduce costs. Network Functions Virtualization (NFV) emerges as a transformative technology that leads the charge. NFV revolutionizes traditional, hardware-based network functions by converting them into flexible, software-based solutions.

Today's Networks are Complex and Complicated, but do they have to be?

Networks today are different from what they were ten years ago, and one could argue that, depending on the organization you work for, these networks are different from those of just a few years ago. The rise of hybrid networks has made troubleshooting these networks that much more complex. Before, it could have been a hub-and-spoke design from your end users to the resources they need to access in one of the data centers.

How Do You Know If You're Covered for TTPs in CISA Critical Advisories?

Depending on what the world’s threat actors are up to and whether their activity is detected, CISA may issue a cybersecurity advisory (CSA) every few days or have nothing for a month. It’s hard to predict, and you never know what’s coming your way. One thing is certain: If you managed cybersecurity for a critical infrastructure entity and this #StopRansomware: BianLian Ransomware Group CSA landed in your inbox, you would probably want to take swift action.

4 Tips to Improve Cybersecurity for Your Business

Businesses of all sizes must be concerned about cybersecurity in today's interconnected world. Trust and survival depend on your company's ability to keep private information secret, protect consumer data, and repel cyberattacks. To better protect your company online, we've compiled five tried-and-true strategies.

CVE-2023-27997: Critical Fortinet Fortigate SSL-VPN RCE Vulnerability

On June 9th, 2023, security researchers from Olympe CyberDefense published a blog stating that they responsibly disclosed a critical vulnerability in SSL-VPN firewalls to Fortinet. This vulnerability, CVE-2023-27997, is a critical, pre-authentication RCE vulnerability that impacts all versions of Fortinet SSL-VPN firewalls, even if multi-factor authentication (MFA) is enabled.

Mass Exploitation of MOVEit Transfer Critical Vulnerability - Recommended Mitigations and How Forescout Can Help

On May 31, Forescout Research – Vedere Labs uncovered a significant incident where threat actors exploited a critical zero-day vulnerability in the MOVEit Transfer software, which resulted in unauthorized access to and exfiltration of private data, as well as privilege escalation. MOVEit Transfer is a widely adopted managed file transfer (MFT) solution that enables organizations to securely exchange files with their business partners and customers.

Shielding Against the Most Recent Fortinet Vulnerability

During a red team assessment for a client, Charles Fol and Dany Bach from LEXFO discovered a heap overflow bug in Fortigate’s SSL VPN that can be exploited to achieve remote code execution on Fortigate instances. This vulnerability is reachable without authentication and can be used to execute arbitrary code on vulnerable systems, which could lead to a complete compromise of the system.

Domain and IP intelligence with alphaMountain and LimaCharlie

With how quickly threat actors move, your network and security teams need additional data to triangulate security investigations and ensure your users are safe. Learn how you can leverage LimaCharlie's integration with alphaMountain to provide domain and IP intelligence feeds for cyber protection based on continuously trained AI models. alphaMountain helps security architects and analysts make better, faster decisions about the risks posed by a host on the internet.

Lessons Learned Deploying Corelight in the Black Hat Asia NOC

Last month, Corelight had the distinct privilege of joining Cisco, NetWitness, Palo Alto Networks, Arista, and our internet service provider, MyRepublic, to provide availability and network security overwatch to the Black Hat Asia network in Singapore. This marked our first appearance in the Black Hat Network Operations Center (NOC).