Network security strategy

Cops seize criminal VPN used by ransomware gangs

A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity Continue Reading

12 official practice questions for the CCNA 200-301 exam

These practice questions for CCNA 200-301 lay out what readers need to know about network security and IP routing in the LAN, from 'CCNA 200-301 Official Cert Guide, Volumes 1 and 2.' Continue Reading

WD-40 eases network friction with SD-WAN, SASE

Manufacturer of so-called ‘miracle spray’ overhauls inflexible, decades-old MPLS infrastructure with managed networking and security Continue Reading

Cloudflare announces new integrations with Microsoft, others

New security integrations with Microsoft Azure Sentinel, Splunk, Datadog and Sumo Logic will supposedly make it easier for users to analyse network security data Continue Reading

Nokia, DISH, AWS to launch first 5G SA core network on public cloud

US network operator runs 5G standalone core on global cloud platform to optimise network operations and launch new software and services rapidly and efficiently Continue Reading

DISH, Dell announce Open RAN 5G edge infrastructure first for US

Leading US operator taps IT giant for cloud-native, open 5G radio access network and edge compute technology and announces collaboration on go-to-market strategies for joint edge solutions Continue Reading

Confusion abounds around true definition of SASE, but doesn’t stop take-up

Global digital transformation survey finds nine out of ten companies reviewed remote connectivity strategy during lockdown and secure access service edge gains huge interest Continue Reading

FBI planned a sting against An0m cryptophone users over drinks with Australian investigators

Australian Federal Police and the FBI came up with the idea over drinks: build a cryptophone network with a built-in backdoor and sell it to crime gangs around the world Continue Reading

Verizon Business looks for edge with advanced SASE

Telco launches SASE solution merging SD-WAN capabilities with network security services, creating a unified, cloud-delivered service model that supports digital enterprises Continue Reading

Aryaka activates EU-friendly point of presence

Cloud-first managed SD-WAN and SASE provider aims to bridge recently emerged EU/UK connectivity gap with enhanced networking support and application experience Continue Reading

Orange Business Services taps Ericsson for enterprise IoT security

As billions of internet-of-things devices become connected and intelligent, security becomes more important, as comms tech provider delivers new security offering for CSPs Continue Reading

Secrecy around EncroChat cryptophone hack breaches French constitution, court hears

French lawyers claim that investigators are unlawfully withholding details of a cryptophone hacking operation in a case that could impact UK prosecutions Continue Reading

Reports raise alarm over Huawei access to Dutch networks

Espionage accusations raise security questions for Netherlands organisations using Chinese supplier’s equipment and services Continue Reading

What the Telecommunications (Security) Bill means for UK industry

The Telecommunications (Security) Bill is intended to reinforce the security of the UK telecommunications infrastructure, but what are the implications for industry? Continue Reading

Buying a VPN? Here’s what you need to know

VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading

Nokia, Microsoft team to offer public cloud AI use-case library for telcos

Nokia’s AVA AI use-case library now delivered as a service on Azure public cloud, claiming to combine telco-grade security and instant web scale architecture scalability Continue Reading

Legacy vulnerabilities may be biggest enterprise cyber risk

While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats Continue Reading

RSA Conference 2021: 3 hot cybersecurity trends explained

In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading

Cisco acquires Kenna Security amid security expansion

Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers Continue Reading

Irish High Court dismisses legal bid by Facebook over EU-US data transfers

Latest twist in long-running legal battle sees Facebook lose legal bid to prevent the Irish Data Protection Commissioner suspending its transfer of data about European citizens to the US Continue Reading

Dutch police used deep learning model to predict threats to life

Dutch police developed a deep learning model in their EncroChat investigation to predict which messages contain serious threats to life Continue Reading

The Security Interviews: Why helpful bots could hurt vaccine roll-outs

Earlier this year, spikes in traffic to websites containing information about Covid-19 vaccines were attributed by Imperva to automated bots scraping data. Why is that a problem? Continue Reading

SolarWinds CEO calls for collective action against state attacks

SolarWinds CEO tells NCSC’s CyberUK conference he is exploring the possibility of collaborating with other companies on collective cyber action against attacks backed by nation states Continue Reading

Swedish court finds ambiguities in hacked EncroChat cryptophone evidence

Defence lawyer claims evidence obtained by hacking the EncroChat encrypted phone network has ‘no legal’ value following Swedish appeal court ruling Continue Reading

Despite confusion, zero-trust journey underway for many

Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading

NCSC publishes smart city security guidelines

Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects Continue Reading

Juniper Networks offers path to ease SASE transition

New cloud-based portal is designed to help customers transition seamlessly and securely to a secure access service edge architecture by safeguarding users, applications and infrastructure amid network transformation Continue Reading

Dysfunctional cyber, network teams disrupt digital transformation

Despite shared goals, combative and dysfunctional relationships within specialist tech teams are putting digital transformation projects at risk, according to a report Continue Reading

Aryaka acquires cloud-based SASE platform Secucloud

SD-WAN provider makes its first-ever acquisition with purchase of German security company Continue Reading

EncroChat: Top lawyer warned CPS of risk that phone hacking warrants could be unlawful

Lord David Anderson QC warned prosecutors that there were formidable arguments against the lawfulness of a police operation to infiltrate the encrypted phone network, EncroChat Continue Reading

Vodafone, Qualcomm draft blueprint for Open RAN supplier diversification

Operator and comms tech giant collaborate on Massive MIMO RU and DU platform development to boost Open RAN ecosystem and increase pace of 5G innovation Continue Reading

BT, Fortinet team to expand managed network services with SD-WAN

UK telco boosts software-defined wide area network portfolio with new solution combining global connectivity and cyber expertise with Fortinet Secure SD-WAN Continue Reading

French legal challenge over EncroChat cryptophone hack could hit UK prosecutions

Lawyers are challenging the legality of a French police operation to harvest tens of thousands of messages from the EncroChat encrypted phone network in a move that could overturn criminal prosecutions in the UK Continue Reading

8 remote access security risks and how to prevent them

Enterprises face myriad remote access security concerns, but training and clear communication can help them bolster their security programs for the long term. Continue Reading

Researchers shed more light on APT29 activity during SolarWinds attack

RiskIQ’s Atlas threat intel team uncovers new patterns and threat infrastructure used in the SolarWind’s attacks Continue Reading

Automation, zero-trust, API-based security priorities for EMEA CISOs

Report by FireMon sheds light on buyer behaviour across the EMEA region Continue Reading

Chinese APT exploits critical CVE in Pulse Secure VPN

A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading

Nokia, Edzcom raise Konecranes R&D with 5G SA private wireless

Network technology provider to fuel lifting equipment firm’s 5G research and digitised solution development for factories and ports, building on existing LTE private wireless investment Continue Reading

Government puts Facebook under pressure to stop end-to-end encryption over child abuse risks

Facebook faces growing government pressure to abandon its plans to offer users end-to-end encryption to secure the privacy of their messages as the NSPCC raises concerns about child protection Continue Reading

Argenta takes Teneo SD-WAN to improve global network

Plagued by WAN issues, global animal health research and manufacturing company improves system performance and interconnectivity across its international locations with a co-managed software-defined wide area network Continue Reading

Dutch accuse UK of ‘damaging confidence’ by disclosing details of EncroChat police collaboration

The Dutch Public Prosecution Service claims Britain has damaged confidence by disclosing details of an international investigation into the EncroChat encrypted phone network to the courts Continue Reading

KDDI teams with Cato Networks to take SASE services worldwide

Japanese telco joins forces with software-defined networking firm to demonstrate how CSPs can use secure access service edge systems to address digital enterprise requirements for pervasive secure access Continue Reading

Millions of devices at risk from NAME:WRECK DNS bugs

Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading

Common network vulnerabilities and how to prevent them

It's not possible to eliminate all network vulnerabilities, but network teams can implement best practices to limit potential attacks and protect their networks. Continue Reading

Fujitsu, Trend Micro team to secure private 5G

Security and IT leaders Fujitsu and Trend Micro announce streamlined security product for IoT devices and networks to help accelerate manufacturing digital transformation Continue Reading

Cring ransomware hits ICS through two-year-old bug

A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading

Plume introduces WorkPass for small businesses

Smart home tech provider offers secure hyper connectivity and personalised smart home solutions as the home becomes the office Continue Reading

Belgium’s Federal Justice Service advances digitally with fast networks

Security and networking firms team to claim 20 times faster connectivity for Belgium’s justice system so it can hold court hearings and prison visitations remotely and exchange information between services and applications securely Continue Reading

UK courts face evidence ‘black hole’ over police EncroChat mass hacking

French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence Continue Reading

Remote working burn-out a factor in security risk

After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected Continue Reading

Anti-money laundering technology must operate in a collaborative ecosystem

With new technologies making it easier for banks to spot money laundering activity, we look at why the problem persists at scale, finding that ecosystems and collaborative processes need to be built Continue Reading

Endpoint security vs. network security: Why both matter

As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading

Microsoft Exchange ProxyLogon attacks spike 10 times in four days

Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading

Judges refuse EncroChat defendants’ appeal to Supreme Court

Experts suggest Parliament and Investigatory Powers Tribunal need to consider the implications of a court decision on police use of data from the EncroChat phone network Continue Reading

Arrest warrants issued for Canadians behind Sky ECC cryptophone network used by organised crime

The US has issued arrest warrants for the CEO of Sky Global and a former distributor for racketeering, aiding and abetting the distribution of illegal drugs by supplying encrypted phones to criminals Continue Reading

NCSC issues emergency alert on Microsoft Exchange patch

UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading

DearCry ransomware targets vulnerable Exchange servers

As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading

Nokia, LG Uplus trial 5G business-to-business platform in Korea

Test of 5G solution designed to go beyond traditional network connectivity and deliver enhanced service quality and creation of new B2B services Continue Reading

Attack on surveillance cameras a warning over security, ethics

The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading

Norwegian government falls victim to Microsoft attacks

Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers Continue Reading

CW Europe: Nordic tech startups create blueprint for post-Covid working environment

Business can learn lessons from Nordic tech startups to prepare employees to return to the office after Covid restrictions end. Also read why Netherlands police need a training ‘roadmap’ to get them up to speed to tackle cyber crime. Continue Reading

Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC

Belgian and Dutch police have breached the encryption of users of Sky ECC, the world’s largest cryptophone network. There are significant parallels with the international police operation against the EncroChat cryptophone network which led to hundreds of arrests Continue Reading

Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network

More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat Continue Reading

Goldman Sachs CEO comments highlight need for home working balance

The remote working revolution has been prominent in the banking sector and organisations have a balancing act to perform once the pandemic passes Continue Reading

Only 12% of worldwide enterprises fully embrace SASE

Global survey reveals that although many public and private sector organisations have elements of secure access service edge in their IT stack, few have a comprehensive architecture and a significant number do not embrace the philosophy at all Continue Reading

Juniper adds WAN, Virtual Network Assistant technology to networks portfolio

Artificial intelligence-driven networks provider builds on wired/wireless access leadership and record year for campus/branch switching with new AI-driven EX switch Continue Reading

Is Clubhouse safe, and should CISOs stop its use?

With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it Continue Reading

GSMA: 5G drives recovery from Covid

Research from global trade body for the mobile industry finds that, driven by China, adoption of next-generation networks will enable global economies to get back on track over the short to mid-term Continue Reading

Rogue drones beware: We’re here to ground you

Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office Continue Reading

The WFH ‘New Normal’ is nothing of the sort

At least, not yet. The world is still in the very abnormal grip of a pandemic, and even with widespread vaccination we will be defending ourselves against the fear of further outbreaks for months, ... Continue Reading

European cities hit key smart technology milestone with €250m investment

London, Lisbon, Milan, Bordeaux, Burgas and Warsaw trigger investment in smart technologies as part of Sharing Cities programme Continue Reading

How to secure remote access for WFH employees in 4 steps

The global pandemic caused mayhem on network security environments. Enterprises need to bring rigor back to their systems and tighten security for remote workers. Continue Reading

Security firm Stormshield loses source code in cyber attack

Source code from two products developed by French cyber security firm was compromised in a December 2020 incident Continue Reading

SolarWinds chases multiple leads in breach investigation

Investigators at SolarWinds are exploring multiple theories as to how the company’s systems were compromised Continue Reading

SolarWinds patches two critical CVEs in Orion platform

New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet Continue Reading

Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters

Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee Continue Reading

Dell, SK Telecom, VMware bring 5G edge to enterprises

IT giants team with telco to collaborate on an integrated multi-access edge computing system with the aim of providing more secure and reliable access to data at edge locations Continue Reading

Manufacturing particularly at risk of Solorigate-linked breaches

Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers Continue Reading

Collaboration to the fore as ‘staggering’ change predicted for IT in 2021

With 2020 exposing the leaders versus the laggards in enterprise digital transformation, research shows companies intend to invest in SD-WAN and MPLS, UCaaS and CCaaS to stay competitive in 2021 Continue Reading

Global VPN downloads surge in 2020

Repressive regimes’ regulatory demands and remote working see virtual private network usage rocket over the past 12 months Continue Reading

Security Think Tank: Are security teams the unsung heroes of 2020?

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading

Security Think Tank: Time to rethink stopgap solutions

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

How can healthcare organisations fight increased cyber crime in 2021?

As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading

Should I be worried about MFA-bypassing pass-the-cookie attacks?

Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations? Continue Reading

Security Think Tank: In 2021, enable, empower and entrust your users

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

New SolarWinds CEO sets out rescue plan

Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community Continue Reading

Kaspersky claims link between Solorigate and Kazuar backdoors

Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship Continue Reading

Government use of 'general warrants' to authorise computer and phone hacking is unlawful

A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens Continue Reading

Top network attacks of 2020 that will influence the decade

You've heard of phishing, ransomware and viruses. Now, keep them in mind because one cybersecurity expert says these threats and more may cause IT headaches for the next decade. Continue Reading

Advice for an effective network security strategy

Security audits, evaluations of tools and looking realistically at trending technologies are some ways an organization can ensure its network security is the best it can be. Continue Reading

Test your network threats and attacks expertise in this quiz

Network security is an ever-changing subject, but many of its common threats have plagued IT pros for years -- and will likely continue to do so. See what you know in this quiz. Continue Reading

SolarWinds cyber attack is ‘grave risk’ to global security

More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear Continue Reading

FireEye and partners release SolarWinds kill-switch

A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue Continue Reading

Singapore employees want more support for remote working

Singapore workers faced challenges in accessing internal company resources, spotty connections and had to use their personal devices for business while working remotely Continue Reading

Aryaka offers hybrid workplaces “risk-free on-ramp” to SASE

New managed secure private access solution claimed to be able to make remote employees “first-class citizens” for corporate applications Continue Reading

After critical year, Vodafone trains security sights on CNI market

Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets Continue Reading

Amnesia:33 IoT flaws dangerous and patches unlikely, say experts

The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users Continue Reading

Multiple D-Link routers found vulnerable to attack

Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices Continue Reading

Nokia deploys 5G private networking across five German research centres

Finnish comms tech giant continues roll-out of standalone private 5G network for large-scale implementation across renowned German research institutes Continue Reading

UK government sets out 5G tech diversification strategy

Second reading of the Telecoms Security Bill outlines specific measures to restrict the use of Huawei’s goods, services and facilities in 5G networks and details of the new 5G Supply Chain Diversification Strategy designed to build a resilient, open and sustainable comms tech supply chain Continue Reading