network security - News, Features, and Slideshows

News

  • A true story of combating a large-scale DDoS attack

    Real tales of cyberattack response and recovery are hard to come by because organizations are reluctant to share details for a host of legitimate reasons, not the least of which is the potential for negative financial fallout. However, if we never tell our stories we doom others to blindly walk our path. Better to share our real-world battlefield experiences and become contributors to improved threat intelligence.

  • A new kind of DDoS threat: The "Nonsense Name" attack

    There's a new species of Distributed Denial of Service (DDoS) attack targeting name servers, which could be called the "nonsense name" attack. It can wreak havoc on recursive and authoritative name servers alike, and some of our customers at Infoblox have fallen victim to it--but it's not always clear whether they were actually the targets.

  • Ig Nobels promise scientific silliness – which is kind of the point

    Most of the time, the world of science is dry for very good reasons. The rigor of the scientific process demands extensive observation, experimentation and documentation of every minor facet of every minor phenomenon in nature – with the result that you get a lot of studies that cover only a single aspect of specific protein denaturing under a specific set of circumstances, or some such.

  • How network virtualization is used as a security tool

    When people think of network virtualization, the advantages that come to mind typically include faster provisioning of networks, easier management of networks and more efficient use of resources. But network virtualization can have another major benefit as well: security.

  • NIST issues Best Practices on how to best use Secure Shell software

    The Secure Shell (SSH) protocol and software suite is used by millions of system administrators to log into application and service accounts on remote servers using authentication methods that include passwords, tokens, digital certificates and public keys. But when improperly managed, SSH keys can be used by attackers to penetrate the organization's IT infrastructure.

  • Security council blames breaches on poor PCI standard support

    The growing number of data breaches resulting in massive numbers of payment cards being stolen from retail stores and other businesses is occurring because they're failing to keep up with the Payment Card Industry's data security standard, according to the PCI Security Standards Council.

  • HyTrust, Intel team to lock down VMware virtual machines

    HyTrust, in a partnership with Intel, today said its cloud security software used with VMware-based virtual machines can now ensure those VMs will only run in designated trusted locations based on what's called new "boundary controls."

  • Start-up fights ambush attacks on SDN, virtual machine networks

    Start-up GuardiCore is working on a security product that works through a 'honeypot' approach to detect and block stealthy attacks on software-defined networks (SDN) and multi-vendor virtual-machine infrastructures for enterprise customers as well as cloud-service providers.

  • New security tools from Tenable, HP, Co3 attempt the impossible

    Automated incident response is one of the fastest growing fields in computer security. Alternatively called threat monitoring, vulnerability management or threat management, it encompasses the seemingly impossible task of defending a network from active threats as they happen, in addition to detecting every possible vulnerability that could be exploited by an attacker.

[]