Security News

SonicWall on Wednesday urged customers of Global Management System firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. "The suite of vulnerabilities allows an attacker to view data that they are not normally able to retrieve," SonicWall said.

A Russian network security specialist and former editor of Hacker magazine who is wanted by the US and Russia on cybercrime charges has been detained in Kazakhstan as the two governments seek his extradition. Maybe the second part wasn't such a good idea after all - an update to the statement notes that Kislitsin is also wanted by Russia.

This policy from TechRepublic Premium will help you create security guidelines for devices that transport and store data. The IT department will be responsible for implementing, adhering to and maintaining these controls.

Egress filters post-compromise, where Ingress filters pre-compromise#. Ingress traffic handling was by then less trendy, it was supposed to be a done deal.

5G encompasses robust security features that guarantee confidentiality, integrity, and availability of network services and user data. Essential 5G security methods and technologies include encryption, privacy protection, authentication and authorization, network slicing, and network equipment security assurance.

Passbolt: Open-source password manager for security-conscious organizationsIn this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager guarantees the utmost level of security for businesses, highlights its features in the competitive landscape, sheds light on how Passbolt meets the distinct requirements of teams and organizations, and more. Rorschach ransomware deployed by misusing a security toolAn unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found.

"Complex networks, large customer bases, and long supply chains make these industries highly susceptible to attacks. The study reveals that given the current organizational approaches to network security, companies cannot be continuously compliant, and as a result carry with them unquantified levels of risk to the confidentiality, integrity, and availability of systems and data." said Phil Lewis, CEO, Titania. "A determined attacker will try a combination of approaches to access a network until they gain entry, and known vulnerabilities or misconfigurations are an easy way in. Companies must adopt both a zero trust mindset and network security best practices, to minimise the attack surface, inhibit lateral movement, and prevent intruders from meeting their goals," continued Lewis.

Data storage devices maker Western Digital on Monday disclosed a "Network security incident" that involved unauthorized access to its systems.The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a "Number of the company's systems."

US-based data storage company Western Digital has announced that it has suffered a network security incident that resulted in an unauthorized third party gaining access to a number of the company's systems and some company data. Western Digital identified the network security incident on March 26, 2023.

Data backups get a lot of attention, but sadly, sometimes, the operational work that keeps networks secure - like device backups, upgrades, and configuration grooming - goes undone. Recent high-profile network outages have brought attention to the importance of not just automating improvements in network security and operations but recovering quickly and minimizing downtime when disaster strikes.