Why should you worry about DNS attacks? https://ift.tt/3imhFPU Domain Name System (DNS) is a very basic protocol and service that enables Internet users and network devices to discover websites using human-readable hostnames instead of numeric IP addresses. This article provides a detailed explanation of how DNS works. If the DNS service is attacked or doesn’t […]
Defending Exchange servers under attack https://ift.tt/3fNTc3M Securing Exchange servers is one of the most important things defenders can do to limit organizational exposure to attacks. Any threat or vulnerability impacting Exchange servers should be treated with the highest priority because these servers contain critical business data, as well as highly privileged accounts that attackers attempt […]
CISA warns Microsoft SMB v3 vulnerability is under attack https://ift.tt/30nYE9g Error: Server Error The server encountered an error and could not complete your request. Please try again in 30 seconds. Security via SearchSecurity https://ift.tt/2q47dlM June 8, 2020 at 10:28PM
12 Microsoft 365 security best practices to secure the suite https://ift.tt/36PmRGB Part one of this two-part series on Microsoft 365 (formerly Office 365) security weaknesses examined some of main misconfigurations that cause problems when trying to securely operate or migrate to the cloud-based Microsoft 365 suite of services. While knowing the challenges is half the […]
5 principles of the network change management process https://ift.tt/3c53pGE Network change management is a process that is intended to reduce the risk of a failed change. This process entails several steps that ensure successful changes, but how does each step work? Aircraft pilots use well-defined processes to ensure safe flying. Similarly, networking teams can use […]
Docker Desktop danger discovered, patch now https://ift.tt/3d6f4GF Docker has fixed a vulnerability that could have allowed an attacker to gain control of a Windows system using its service. The bug, discovered by Ceri Coburn, a researcher at security consultancy Pen Test Partners, exposed Docker for Windows to privilege elevation. Docker is a container system that […]
Identifying Let’s Encrypt Revoked Certificates https://ift.tt/2VPS8Wj Let’s Encrypt is a free, automated, open certificate authority (CA) run for the public’s benefit as a service from the Internet Security Research Group (ISRG). It provides free digital certificates to enable HTTPS (SSL/TLS) for websites via user-friendly means. Earlier this week, Let’s Encrypt announced that a bug in its validation code forced it to revoke more […]
Razões para considerar uma carreira em cibersegurança https://ift.tt/3cw4PeP Quer esteja a acabar a escola, a sair da faculdade ou até a pensar em trocar de emprego, é provável que já tenha tido em conta a crescente indústria da tecnologia. Com novas ciberameaças a aparecer todos os dias não é de estranhar que os profissionais de […]
(IN)SECURE Magazine issue 65 released https://ift.tt/2HgdR1c (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 65 has been released today. It’s a free download, no registration required. Table of contents A case for establishing a common weakness enumeration for hardware security Things to keep in mind […]
Cisco Patches Critical CDP Flaws Affecting Millions of Devices https://ift.tt/31vmcHS Five critical vulnerabilities found in various implementations of the Cisco Discovery Protocol (CDP) could allow attackers on the local network to take over tens of millions of enterprise devices as discovered by IoT security company Armis. CDP is a proprietary Layer 2 (Data Link Layer) […]
Stack IT News 