Security News
The role DNS plays in network securityNew EfficientIP and IDC research sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic. New Google tool reveals dependencies for open source projectsGoogle has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security vulnerabilities they are currently sporting.
The former chief operating officer of Securolytics, a network security company providing services for the health care industry, was charged with allegedly conducting a cyberattack on Georgia-based Gwinnett Medical Center. 45-year-old Vikas Singla supposedly disrupted the health provider's Ascom phone service and network printer service and obtained information from a Hologic R2 Digitizer digitizing device in September 2018.
Verizon Business announced the launch of its new Advanced Secure Access Service Edge solution, merging SD WAN capabilities with hybrid network connectivity and security services to create a unified, cloud-delivered service able to meet the increasingly complex digital demands of enterprises. More than ever, businesses are looking for scalable, flexible solutions that are able to adapt to business requirements, while optimizing performance and security.
These figures illustrate the pivotal role of DNS for network security, both as a threat vector and security objective. Around a quarter of companies have suffered a DNS attack abusing cloud misconfiguration, with 47% of companies suffering cloud service downtime as a result of DNS attacks.
Three security vulnerabilities have been found in Trend Micro's Home Network Security systems, which can allow denial of service, privilege escalation, code execution and authentication bypass. The Home Network Security Station is an all-in-one device that scans for vulnerabilities for connected devices, performs intrusion detection and allows consumers to control access settings for all devices on the network.
Vulnerabilities identified by security researchers with Cisco's Talos unit in Trend Micro Home Network Security devices could be exploited to elevate privileges or achieve arbitrary authentication. The Home Network Security station provides users with monitoring and protection capabilities, including vulnerability scanning, intrusion prevention, threat protection, and device-based access control.
Fudo Security announced that the company has signed a distribution agreement with SYNNEX. "Quite often, the misconception is that identity access management solutions are an alternative to privileged access management, but this leaves an organization open to exploits from insider misuse and breached credentials." "Fudo PAM is a comprehensive, all-in-one solution that monitors all remote access and sessions. Other elements like MFA or VPN are insufficient to guarantee a complete safeguard against internal or external threats," explained Patryk Brozek, CEO, Fudo Security.
Five major areas for EMEA network security investments Automation - 21 percent of organizations are investing in automating policy management to safeguard against inefficient and risky functions. Security-development misalignment - 73 percent of IT leaders admit their application development and network security operations teams are not well aligned.
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fueled explosion in distributed and remote work has created a perfect storm for network security teams," said Satin H. Mirchandani, President and CEO of FireMon. Five major areas for network security investment Automation - More than 50 percent of organizations are currently investing in automating policy management to safeguard against inefficient and risky functions and 79 percent say they'll implement security orchestration and automation within two years to improve agility and responsiveness.
Authors of a new botnet are targeting connected devices affected by critical-level vulnerabilities, some of them impacting network security devices. Successfully compromised devices end up with a variant of the Mirai botnet malware specific to the architecture of the device.