134 Results Found
Gaining access is the most important phase of an attack in terms of potential damage, although attackers don’t always have to gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system. Stopping a service can be carried out by killing processes, using a logic/time bomb, or even reconfiguring and crashing the system. Resources can be exhausted locally by filling up outgoing communication links.
Cybersecurity has matured into a complex and diverse set of functions. Each of these functional specializations represent different roles requiring different knowledge, skills, and abilities.
The Target breach exposed the credit card information of 40 million customers and made huge international headlines. But, the entry point should have been the real story. No matter how solid a company’s cyber defense, they have to be concerned with their entire cybersecurity exposure, including supply, partner and support chains. In the Target case, there were errors throughout. It was a breach waiting to happen.
It should come as no surprise that in this modern era of digital data we need encryption. But what exactly is it? How do you know what kind of encryption you need? If you were to ask someone what kind of encryption they use, they may respond with a specific encryption-based product, like full-disk encryption. Or they may mention an encryption-based protocol, like HTTPS (HyperText Transport Protocol over SSL). But encryption is much more complicated than that.
There are several advantages to implementing a route-based VPN (a.k.a. tunnel interface VPN) instead of a site-to-site one. Learn more.
The subject of this week’s post was actually prompted by a question from a former colleague. Soon after the PIX Firewall added support for IPSec Virtual Private Networks, a command was added to the command-line, sysopt connection permit-ipsec. This command was subse...
The Global Knowledge IT Skills and Salary Report is a window into the inner workings of IT departments, revealing insights and opinions held by professionals around the world. For 10 years, we have surveyed over 120,000 men and women in IT about the state of the industry. With a decade of data at our fingertips, we analyzed 10 years’ worth of reports and noticed four major trending areas: certifications, salaries, cloud computing and cybersecurity.
I recently was presented with the challenge of logging ALL of the pertinent connection, disconnection, and termination messages associated with the Cisco SSL AnyConnect client without overwhelming the syslog capture display with extraneous messages. This blog will br...
Constant change in the technology landscape has been mirrored by the steady evolution of information security. The current information system environment is increasingly complex, comprising storage, servers, LANs/WANs, workstations, Unified Communications, Intranet, and Internet connections.
As any network administrator will tell you, the ASA Security appliance (as well as its forerunner, the PIX) are capable of generating massive amounts of log messages, especially when the firewall/security appliance is set to log messages at debug level to the syslog...