Architecture, Information Security and Internet

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. or segregated as cloud or network attached storage (NAS).

Architecture

Architecture Network Security Firewall Risk

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. In this latest campaign, our investigation also uncovered prebuilt Hiatus binaries that target new architectures such as Arm, Intel 80386, and x86-64 and previously targeted architectures such as MIPS, MIPS64, and i386.

Architecture

Architecture Internet Internet Malware

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Security Affairs

FEBRUARY 19, 2025

The company warns that the risk is higher if the management interface is accessible from the internet or an untrusted network, directly or via a dataplane interface with a management profile. The security vendor recommends restricting access to trusted internal IP addresses to minimize the risk of exploitation.

Firewall

Firewall Authentication Architecture Internet

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

The second architectural flaw is related subscriber credentials that are checked on S-GW (SGSN) equipment by default. phone number) of a real subscriber and impersonate him to access the Internet. “On all tested networks, it was possible to use mobile Internet at the expense of both other subscribers and the operator.”

Mobile

Mobile Internet Internet Advertising

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Security Affairs

FEBRUARY 15, 2025

The company warns that the risk is higher if the management interface is accessible from the internet or an untrusted network, directly or via a dataplane interface with a management profile. “Fundamentally, these sorts of architectures lead to things like header smuggling and path confusion, which can result in many impactful bugs!

Firewall

Firewall Authentication Architecture Risk

As Internet-Connected Medical Devices Multiply, So Do Challenges

Cisco Security

JUNE 15, 2022

To consumers, the Internet of Things might bring to mind a smart fridge that lets you know when to buy more eggs, or the ability to control your home’s lighting and temperature remotely through your phone. But for cybersecurity professionals, internet-connected medical devices are more likely to be top-of-mind.

Internet

Internet Internet Manufacturing IoT

Google Responds to Warrants for “About” Searches

Schneier on Security

OCTOBER 13, 2020

“We vigorously protect the privacy of our users while supporting the important work of law enforcement,” Google’s director of law enforcement and information security Richard Salgado told us. We have knowingly and willingly built the architecture of a police state, just so companies can show us ads.

Surveillance

Surveillance Wireless Accountability Architecture

What Is a DMZ Network? Definition, Architecture & Benefits

eSecurity Planet

APRIL 7, 2023

However, when your DMZ network includes a proxy server, administrators also have the option to filter all internal internet usage through the DMZ. Also read: Network Protection: How to Secure a Network How DMZ Networks Work DMZ networks work through isolation, but first, through network segmentation.

Architecture

Architecture Firewall Network Security Technology

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

The experts used a diagnostic software to analyze the vehicle architecture, scan the Electronic Control Unit (ECU), identify its version, and test diagnostic functions. The research combined hardware interfaces and software to communicate with the vehicle via Diagnostic Over Internet Protocol (DoIP).

Software

Software Architecture Media Engineering

CTO of Center for Internet Security Expounds on Transforming InfoSec

SecureWorld News

NOVEMBER 9, 2022

We have so much change happening and we can drive it to happen in a more positive way to reduce the resource needs for organizations and actually scale security for businesses of all sizes.". Or is that just too much of a reach?

InfoSec

InfoSec Internet Internet Encryption

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

the firm’s Head of Security Engineering and Architecture, is quoted as saying that Apple “makes the most secure mobile devices on the market.”. Also concerning is the fact that in Apple’s Lockdown announcement, Ivan Krsti?, Is that really true?

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

As every computer security professional knows, if anything is on the Internet, it’s subject to increasingly sophisticated attacks. percent of CMS users worry about the security of their CMS—while 46.4 percent actually had a CMS security issue affect their content.

Data breaches

Data breaches Encryption Mobile Technology

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

“The cyber threat to NASA’s computer networks from internet-based intrusions is expanding in scope and frequency, and the success of these intrusions demonstrates the increasingly complex nature of cybersecurity challenges facing the Agency. . Pervasive weaknesses exist in NASA IT internal controls and risk management practices. •

Information Security

Information Security Cyber Attacks Mobile Architecture

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

OCTOBER 19, 2020

For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

eCommerce

eCommerce Cybersecurity B2B Marketing

Czech cyber-security agency warns over Huawei, ZTE security threat

Security Affairs

DECEMBER 18, 2018

. “The main issue is a legal and political environment of the People’s Republic of China, where (the) aforementioned companies primarily operate,” reads a statement issued by the Czech National Cyber and Information Security Agency. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Advertising Internet Internet

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

Security Affairs

AUGUST 18, 2024

This extortion campaign involved several security failures, including exposing environment variables, using long-lived credentials, and the lack of a least privilege architecture. This indicates that these threat actor groups are both skilled and knowledgeable in advanced cloud architectural processes and techniques.”

Architecture

Architecture Internet Internet Media

New NKAbuse malware abuses NKN decentralized P2P network protocol

Security Affairs

DECEMBER 15, 2023

The malicious code can target various architectures, it supports both flooder and backdoor capabilities. The primary target of NKAbuse is Linux desktops, however, it can target MISP and ARM architecture. The protocol enables secure and low-cost data transfer. ” reads the report published by Kaspersky.

Malware

Malware Architecture Technology DDOS

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. In the current version, each node cannot send control command to its peers.

Architecture

Architecture IoT Malware Advertising

Firms with exposed IoT have a higher concentration of other security problems

SC Magazine

JANUARY 29, 2021

For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post from the Cyentia Institute and RiskRecon. But what does that correlation mean for chief information security officers? Let’s say you had a printer operating on the internet.

IoT

IoT Internet Internet CISO

Czech public radio says Huawei Czech Unit secretly collected data

Security Affairs

JULY 22, 2019

In December 2018, the Czech National Cyber and Information Security Agency warned against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. The Chinese firm was already excluded by several countries from building their 5G internet networks.

Manufacturing

Manufacturing Internet Internet Advertising

DDoS attacks leverages Plex media server

SC Magazine

FEBRUARY 4, 2021

Indeed, what should be evaluated among chief information security officers “is the security posture of the home environment ,” said Roland Dobbins, Netscout principal engineer, who authored the report. “That includes the broadband internet access router.

DDOS

DDOS Media Engineering Internet

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

Devices running no longer supported firmware will not receive security updates in the future with the result that they will be more exposed to cyber-attacks. For this reason, it is essential to disconnect these devices from the internet, disable remote access, and use a strong, unique password.

Firmware

Firmware Architecture Internet Internet

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Security Affairs

DECEMBER 17, 2018

In November 2018, the Wall Street Journal reported that the US Government is urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures. Huawei was already excluded by several countries from building their 5G internet networks.

Technology

Technology Advertising Internet Internet

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising DNS

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Eagerbee backdoor targets govt entities and ISPs in the Middle East

Security Affairs

JANUARY 6, 2025

Kaspersky researchers reported that new variants of the Eagerbee backdoor being used in attacks against Internet Service Providers (ISPs) and government entities in the Middle East. dll , gathers system information, including NetBIOS name, OS details, processor architecture, and IP addresses. The backdoor, named dllloader1x64.dll

Malware

Malware Architecture Government Hacking

Cryptojacking campaign targets exposed Docker APIs

Security Affairs

JUNE 19, 2024

The attack begins with the threat actor scanning the internet to find hosts with Docker’s default port 2375 open. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target publicly exposed and unsecured Docker API endpoints for initial access.

Internet

Internet Internet Malware Architecture

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

The seller published multiple ads in multiple hacking forums and also offered access to a sample of the stolen info, including blueprints and PII.

Engineering

Engineering Data breaches Telecommunications Wireless

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

SEPTEMBER 18, 2024

“The investigation has yielded insights into the botnet’s network architecture, exploitation campaigns, malware components, and operational use, illuminating the evolving tactics and techniques employed by the threat actors. “This botnet has targeted entities in the U.S. ” concludes the report.

IoT

IoT Wireless DDOS Architecture

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Chinese equipment is broadly adopted in many allied countries, including Germany, Italy, and Japan.

Manufacturing

Manufacturing Advertising Surveillance Architecture

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The binary analyzed by the researchers is compiled for all major architectures used by SOHO operating systems.

Malware

Malware DNS Authentication Telecommunications

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

The campaign was uncovered by CrowdStrike by investigating a series of security incidents in multiple countries, the security firm added that the threat actors show an in-depth knowledge of telecommunications network architectures. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

Honoring our ‘Cybersecurity Defender of the Year’

Cisco Security

NOVEMBER 4, 2021

Shawnee Heights deployed Cisco security solutions on Apple iOS to gain control and visibility into Internet traffic for its fleet of 4,300 iPads. Now, students and staff have secure access to online school content from anywhere. Enric Cuixeres Saez – Head of Information Technology, Leng-d’Or.

Cybersecurity

Cybersecurity Technology Education Marketing

Y2k + 20: risk, COVID and "the Internet issue"

Notice Bored

JANUARY 9, 2021

So, egged-on by information security pro's and IT auditors (me, for instance), management took the risk seriously and invested significant resources into solving "the Y2k issue". Go ahead, show me the associated risk profiles and documented security architectures. The sheer scale of the Internet problem is the real issue.

Internet

Internet Internet Risk InfoSec

Updated MATA attacks industrial companies in Eastern Europe

SecureList

OCTOBER 18, 2023

The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an internet browser. Next, they were able to access the control panels of two security solutions simultaneously. The last one we named MATA gen.5

Malware

Malware Phishing Internet Internet

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Security Affairs

AUGUST 5, 2022

It allows threat actors to target multiple architectures without requiring technical skills. “The platform currently supports Windows, Linux and Python-based payloads, allowing adversaries to target multiple architectures without requiring significant development resources.”

Architecture

Architecture DDOS Internet Internet

Amadey malware spreads via software cracks laced with SmokeLoader

Security Affairs

JULY 25, 2022

Then the malware contacts the C2 and sends system information (i.e. computer name, user name, OS version, architecture type, list of installed anti-malware products) to the operators. Once the malware is installed, it can stay in the system to steal user information and download additional payloads.” Pierluigi Paganini.

Software

Software Malware Cybercrime VPN

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

DDOS

DDOS Architecture Malware Cybercrime

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

” Recently, experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. The installation script also retrieves the contents of a Pastebin URL containing a Monero wallet ID and mining information, then it downloads the miner.

Architecture

Architecture Cryptocurrency Malware Advertising

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. The IT giant is tracking this cluster of threat activity as DEV-1061. The bot is saved using the filename “zero.”.

IoT

IoT DDOS Malware Firmware

Cisco Talos — Our not-so-secret threat intel advantage

Cisco Security

AUGUST 24, 2022

Talos is comprised of highly skilled researchers, analysts, and engineers who provide industry-leading visibility, actionable intelligence, and vulnerability research to protect both our customers and the internet at large. We refer to this as security resilience , and Talos plays a critical role in helping our customers achieve it.

Engineering

Engineering Education Information Security Architecture

What do cybersecurity experts predict in 2022?

CyberSecurity Insiders

DECEMBER 24, 2021

As long-time information security professionals and (ISC)² Community Champions, we have experienced the way cybersecurity employees engage and work with one another continue to adapt in response to changes in the workplace and world at large. We suggest that all cybersecurity professionals be informed on these topics as they evolve.

Cybersecurity

Cybersecurity Ransomware VPN Architecture

New Go-based botnet Zerobot exploits dozens of flaws

Security Affairs

DECEMBER 7, 2022

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications.

IoT

IoT Architecture Internet Internet

AT&T Cybersecurity’s managed SASE service wins CyberSecurity Breakthrough award

CyberSecurity Insiders

NOVEMBER 8, 2021

As organizations strive for excellence in digital transformation and face the realities of an accelerated push to remote work, they’ve been called to rethink their networking and cybersecurity architecture. SASE helps future-proof cybersecurity architecture by decoupling security control from the data center.

Cybersecurity

Cybersecurity Digital transformation Architecture Technology

Network Security Architecture: Best Practices & Tools

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Trending Sources

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

As Internet-Connected Medical Devices Multiply, So Do Challenges

Google Responds to Warrants for “About” Searches

What Is a DMZ Network? Definition, Architecture & Benefits

Experts found multiple flaws in Mercedes-Benz infotainment system

CTO of Center for Internet Security Expounds on Transforming InfoSec

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

NASA identified 1,785 cyber incidents in 2020

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

Czech cyber-security agency warns over Huawei, ZTE security threat

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

New NKAbuse malware abuses NKN decentralized P2P network protocol

New HEH botnet wipes devices potentially bricking them

Firms with exposed IoT have a higher concentration of other security problems

Czech public radio says Huawei Czech Unit secretly collected data

DDoS attacks leverages Plex media server

Western Digital customers have to update their My Cloud devices to latest firmware version

Germany’ BSI chief says ‘No Evidence’ of Huawei spying

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Updated Kmsdx botnet targets IoT devices

Eagerbee backdoor targets govt entities and ISPs in the Middle East

Cryptojacking campaign targets exposed Docker APIs

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Experts warn of China-linked APT’s Raptor Train IoT Botnet

US officials claim Huawei Equipment has secret backdoor for spying

Cuttlefish malware targets enterprise-grade SOHO routers

China-linked LightBasin group accessed calling records from telcos worldwide

Honoring our ‘Cybersecurity Defender of the Year’

Y2k + 20: risk, COVID and "the Internet issue"

Updated MATA attacks industrial companies in Eastern Europe

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Amadey malware spreads via software cracks laced with SmokeLoader

Enemybot, a new DDoS botnet appears in the threat landscape

WatchBog cryptomining botnet now uses Pastebin for C2

A new Zerobot variant spreads by exploiting Apache flaws

Cisco Talos — Our not-so-secret threat intel advantage

What do cybersecurity experts predict in 2022?

New Go-based botnet Zerobot exploits dozens of flaws

AT&T Cybersecurity’s managed SASE service wins CyberSecurity Breakthrough award

Stay Connected