As cybersecurity continues to become more complex and harder to manage, the role of security operations for organizations is also shifting across the board. Long gone are the days where firewalls or intrusion detection systems (IDS) could keep adversaries outside the perimeter. Instead, we are seeing increases in both size and frequency of attacks leading to more pronounced impacts to ...
Read More »Blog
‘Kill Switch’ to Mitigate Memcached DDoS Attacks — Flush ‘Em All
Security researchers have discovered a “kill switch” that could help companies protect their websites under massive DDoS attack launched using vulnerable Memcached servers. Massive Memcached reflection DDoS attacks with an unprecedented amplification factor of 50,000 recently resulted in some of the largest DDoS attacks in history. To make matter even worse, someone released proof-of-concept (PoC) exploit code for Memcached amplification attack yesterday, making it easier ...
Read More »Best Practices: Deploying an Effective Firewall
In early August, malware infiltrated the computer network and systems of a transmission plant in North Carolina. It was a potentially costly attack, as the factory stood to lose $270,000 for every hour that it wasn’t manufacturing and shipping its automotive parts to plants across the U.S. Fortunately, the facility had a firewall standing between the factory’s crown jewels and hackers, blocking the malware ...
Read More »Best business firewalls: Which firewall is suitable for your business?
Best business firewalls: Which firewall is suitable for your business? There are countless options to choose from when considering firewall protection. Should you invest in an external firewall, stick with a virtual firewall or take the plunge with both? The firewalls listed here cater to most sizes of organisation, from small businesses that only require virtual firewalls to larger enterprises ...
Read More »SONICWALL RECOGNIZED ON CRN’S 2018 SECURITY 100 LIST
This project recognizes the coolest security vendors in each of five categories: Endpoint Security; Identity Management and Data Protection; Network Security; SIEM and Security Analytics; and Web, Email and Application Security. The companies on CRN’s Security 100 list have demonstrated creativity and innovation in product development as well as a strong commitment to delivering those offerings through a vibrant ...
Read More »Businesses remain at risk of repeated ransomware attacks and exposed to exploits
Many businesses are still not prepared to defend against determined attackers, according to The State of Endpoint Security Today released by Sophos. The survey polled more than 2,700 IT decision makers from mid-sized businesses in 10 countries worldwide, including the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India and South Africa. Ransomware continues to be a major issue across the globe, with ...
Read More »What is SQL injection? This oldie but goodie can make your web applications hurt
SQL injection, or SQLi, is one of the least sophisticated web application security attacks that can give an adversary complete control over your web application database. Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQLi was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists injection as the number one threat to ...
Read More »Fortinet founder sees network security in the bigger picture
When Ken Xie was a student at Stanford University in the early 1990s, the network security world was a different place. Security was based on software firewalls running on personal computers and servers, which Xie capitalized on with his first company — Systems Integration Solutions, Inc. As the computer industry matured, Xie realized that firewalls were not enough, so he founded ...
Read More »Akamai report finds sharp increase in credential abuse
Newly released data that analyzed more than 7.3 trillion bot requests per month found a sharp increase in the threat of credential abuse, with more than 40 percent of login attempts being malicious, according to the Fourth Quarter, 2017 State of the Internet / Security Report released by Akamai Technologies, Inc. According to the Ponemon Institute, credential stuffing attacks can cost businesses ...
Read More »Check Point introduces a new cloud security product family
Check Point Software Technologies Ltd. has announced the CloudGuard product family to protect enterprises from Gen V cyber attacks on cloud applications and infrastructure. The company is also introducing CloudGuard SaaS protecting enterprises against cyber attacks on SaaS applications. CloudGuard is a part of the Check Point Infinity architecture, built on industry-proven and award-winning technologies to provide comprehensive Gen V ...
Read More »