Blog

Author: Jonathan Petkevich. It is well known that using network taps for out-of-band monitoring is an effective way to improve both network performance and uptime. However, taps are typically labeled as a less-desirable monitoring deployment for security. This is simply not true and the National Security Agency (NSA) knows it.
Article Byline Date:
02/11/2016
A uthor: Roark Pollock It's a college football legend, Paul (Bear) Bryant , who is credited with the adage so many sports fans, players, coaches and owners hold to be true: "Offense sells tickets. Defense wins championships.” And this weekend in Super Bowl 50 , the Denver Broncos did their very best to prove the old adage true. If you watched the game you saw players Von Miller and Demarcus Ware and Defensive Coordinator Wade Phillips help bring the NFL’s best offense to a screeching halt. But how does this timeless adage apply to those of us that spend our days in the IT world – under...
Article Byline Date:
02/10/2016
Author: Anthony Lecorchick. In February 2015, the Internet Engineering Task Force (IETF) released RFC 7465, prohibiting the RC4 cipher suite in TLS. At this point, the IETF considers RC4 to be “on the verge of becoming practically exploitable...[and] can no longer be seen as providing a sufficient level of security for TLS sessions.”
Article Byline Date:
02/10/2016
WiFi
The Ethernet port is dead on mobile. That means our brands, revenue, and reputations run over Wi-Fi. How does this impact mobile device use and development?
Article Byline Date:
02/10/2016
Author: Oana Murarasu. Ixia’s ATI Research Center recently discovered multiple authentication bypass vulnerabilities inside SearchBlox 8.3. These vulnerabilities are due to lack of or improper validation of HTTP requests to the SearchBlox Web UI. An attacker could exploit these to add or delete business users, delete collections, delete reports, and import and export the configuration file. By importing and exporting the configuration file, the admin password could be compromised or overwritten. In some cases, overwriting the configuration file can cause the application to crash, resulting in a Denial-of-Service condition.
Article Byline Date:
02/09/2016
gold_hour
Author: Keith Bromley Are you prepared for the Golden Hour of a network security intrusion? Most enterprises are not. According to an Ixia security resilience survey , many enterprises and carriers are still highly vulnerable to the effects of a security breach. So when an intrusion occurs, how quickly will you be alerted to the problem and then how quickly will you respond? Medical Golden Hour The Golden Hour of a security intrusion is the first 60 minutes of the intrusion into your network. The term Golden Hour actually comes from medical industry terminology. This is the first 10 to 60...
Article Byline Date:
02/05/2016
Inside_out_security
Author Jeff Harris. "It isn't just about bad apples — people that are deliberately out to steal information or harm organizations." That, from a recent CIO.com article, may not be surprising to some security experts. But to many, security risks from within can blindside organizations. What does it take to keep this in check? Policy, awareness, and tools that secure your data and corporate assets, without stifling innovation or productivity. Oh, and in case it needs to be said—trust isn’t really a security policy. In the 2015 Security Report from Check Point, a couple of statistics give one...
Article Byline Date:
02/04/2016
spherical structure
Authored by Jeff Harris. No one in his or her right mind would want to be responsible for a business, city, or government going down because of lax network security. For those not immersed in the security world, it’s hard to imagine a city being brought to its knees by a mouse and a keyboard. Yet that scenario is beginning to become more of a reality than anyone would like to acknowledge.
Article Byline Date:
02/01/2016
Roark Pollock
Author: Roark Pollock Most hackers would prefer that you use an ineffective network packet broker to deliver packet data to your security tools. Perhaps one that drops lots of packets while filtering mirrored network traffic before it gets to your critical security tools like intrusion detection systems (IDS). Why do I so rapidly arrive at this conclusion? Let’s look at a simple example. Let’s say you have an IDS in your network passively monitoring for malicious security events. This intrusion detection system is one of the more powerful tools in your security arsenal for maintaining the...
Article Byline Date:
01/29/2016
ModPOS is a new, very advanced malware framework targeting point-of-sale (POS) systems. Its name comes from the fact that it has a modular architecture, which uses packed kernel drivers that are challenging to detect. The modules that researchers have currently discovered include one for downloading additional components and uploading information, one for memory scraping and one for keylogging, the downloading/uploading one being the only one with anti-virus detections. What enhances the sophistication of this malware is its uniqueness per system (low indicator of compromise - IoC), which is...
Article Byline Date:
01/27/2016

Pages

Subscribe to Blog