Network World

Cisco issues critical security warning for IOS XE REST API container

Network World - Tue, 10/22/2019 - 3:24pm

Cisco this week said it issued a software update to address a vulnerability in its Cisco REST API virtual service container for Cisco IOS XE software that scored a critical 10 out of 10 on the Common Vulnerability Scoring System (CVSS) system.

With the vulnerability an attacker could submit malicious HTTP requests to the targeted device and if successful, obtain the token-id of an authenticated user. This token-id could be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container on the affected Cisco IOS XE device, the company said.

To read this article in full, please click here

Categories: Network World

Your best defense against insider threats | TECH(talk)

Network World - Tue, 10/22/2019 - 12:36pm
When employees are your weakest link, companies must have programs in place to prevent them from accidentally or intentionally putting the organization at risk. Watch as TECHtalk hosts Ken Mingis and Juliet Beauchamp discuss various options with CSO’s Lucian Constantin.
Categories: Network World

Train to be a certified cyber security professional for just $39

Network World - Mon, 10/21/2019 - 10:56am

Cyber crime is responsible for a staggering amount of damage and chaos around the world. Want to be a part of the solution? Then train for a career in this demanding field with The A to Z Cyber Security and IT Certification Training Bundle.

This e-training bundle is perfect for anyone who has an interest in putting a stop to cyber crime. It includes twelve courses that’ll introduce students to ethical hacking methods, show them how to test a network for weaknesses, and identify problems so they can be fixed prior to being exploited. It’s fast, flexible, and you can even apply your training in preparation for several certification exams

To read this article in full, please click here

Categories: Network World

Microsoft’s Windows, Office 365 advice for secure elections

Network World - Wed, 10/16/2019 - 6:00am
Microsoft has issued guidance and offered resources to help election officials and candidate campaigns to better protect their Windows and Office 365 systems.
Categories: Network World

Can microsegmentation help IoT security?

Network World - Fri, 10/11/2019 - 12:00am

The Internet of Things (IoT) promises some big benefits for organizations, such as greater insights about the performance of corporate assets and finished products, improved manufacturing processes, and better customer services. The nagging security issues related to IoT, unfortunately, remain a huge concern for companies and in some cases might be keeping them from moving forward with initiatives. One possible solution to at least some of the security risks of IoT is microsegmentation, a  concept in networking that experts say could help keep IoT environments under control.

To read this article in full, please click here

(Insider Story)
Categories: Network World

VMware builds security unit around Carbon Black tech

Network World - Thu, 10/10/2019 - 2:58pm

VMware has wrapped up its $2.1 billion buy of cloud-native endpoint-security vendor Carbon Black and in the process created a new security business unit that will target cybersecurity and analytics to protect networked enterprise resources.

When VMware announced the acquisition in August, its CEO Pat Gelsinger said he expected Carbon Black technology to be integrated across VMware’s product families such as NSX networking software and vSphere, VMware's flagship virtualization platform. “Security is broken and fundamentally customers want a different answer in the security space. We think this move will be an opportunity for major disruption,” he said. 

To read this article in full, please click here

Categories: Network World

Top enterprise VPN vulnerabilities

Network World - Tue, 10/08/2019 - 6:00am
Don’t assume VPNs are always safe. These popular enterprise VPNs all have known remote code execution vulnerabilities.
Categories: Network World

How to safely erase data under Windows

Network World - Wed, 10/02/2019 - 6:00am
Bitlocker and self-encrypting hard drives can make it easier to erase data so that it cannot be recovered. This is how the “crypto-erase” method works.
Categories: Network World

IoT roundup: Security holes abound, GE Digital makes noise and more

Network World - Mon, 09/30/2019 - 12:28pm
This week, we look at IoT security holes -- both usual and unusual -- an IIoT player makes a move, and mergers and partnerships worth noting.
Categories: Network World

Cisco: 13 IOS, IOS XE security flaws you should patch now

Network World - Thu, 09/26/2019 - 11:18am

Cisco this week warned its IOS and IOS XE customers of 13 vulnerabilities in the operating system software they should patch as soon as possible.

All of the vulnerabilities – revealed in the company’s semiannual IOS and IOS XE Software Security Advisory Bundle – have a security impact rating (SIR) of "high". Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access to, conduct a command injection attack on, or cause a denial of service (DoS) condition on an affected device, Cisco stated. 

"How to determine if Wi-Fi 6 is right for you"

Two of the vulnerabilities affect both Cisco IOS Software and Cisco IOS XE Software. Two others affect Cisco IOS Software, and eight of the vulnerabilities affect Cisco IOS XE Software. The final one affects the Cisco IOx application environment. Cisco has confirmed that none of the vulnerabilities affect Cisco IOS XR Software or Cisco NX-OS Software.  Cisco has released software updates that address these problems.

To read this article in full, please click here

Categories: Network World

How to move users to the Outlook app with Intune

Network World - Wed, 09/25/2019 - 6:00am
Microsoft is turning off basic authentication, so it’s wise to move mobile users to the Outlook app to better protect them from attackers.
Categories: Network World