Network Security | Breaking Cybersecurity News | The Hacker News

With thousands of endpoints, cloud instances, remote users, and third-party integrations, securing the enterprise has become a massive target. Each change in the IT environment - whether driven by digital transformation, M&A activity, or routine system updates - creates new opportunities for adversaries to leverage. Yet, the network is the backbone of business operations. It must always be available to support production, collaboration, and growth.  In this article, we'll explore the specific challenges large enterprises face when validating their security posture and how leading security teams are evolving their testing strategies to match the scale, speed, and sophistication of large, multi-faceted IT networks.  The Challenges of Validating Enterprise Network Security Enormous attack surface - In large enterprises, the attack surface spans countless assets across on-prem, cloud, and hybrid environments, making comprehensive security validation incredibly complex. Ac...

Gone are the days of mass phishing campaigns. Today's attackers are leveraging generative AI (GenAI) to deliver hyper-targeted scams, transforming every email, text, or call into a calculated act of manipulation. With flawless lures and tactics designed to outsmart AI defenses, cybercriminals are zeroing in on HR, payroll, and finance teams—exploiting human vulnerabilities with precision. The Zscaler ThreatLabz 2025 Phishing Report dives deep into the rapidly evolving phishing landscape and uncovers the latest trends, including top phishing targets, real-world examples of AI-driven phishing attacks, and actionable best practices to defend against the next wave of AI-powered phishing threats. Key findings on phishing attacks The ThreatLabz research team analyzed over 2 billion blocked phishing transactions captured across the Zscaler Zero Trust Exchange™ cloud security platform from January 2024 to December 2024 and uncovered several key findings: Phishing is down but is more tar...

In today's digital landscape, where cyber threats are becoming increasingly sophisticated and pervasive, organizations must take a hard look at their traditional security models. For over three decades, firewalls and VPNs have been the backbone of network security. However, as the threat landscape evolves, it's clear that these legacy systems are no longer sufficient. Enter the Zero Trust model, exemplified by innovative solutions like Zscaler, which could revolutionize the way your organization approaches cybersecurity. Understanding the Risks Public IP Addresses as Attack Surfaces One of the critical vulnerabilities inherent in traditional security models is the reliance on public IP addresses. These addresses serve as direct attack surfaces for malicious actors. Just as having your phone number in a public directory makes you susceptible to unwanted calls, exposing public IPs makes organizations vulnerable to cyberattacks. Attackers can easily discover these IPs, allowing th...

Many moons ago, when the World Wide Web was young and the nerd in me was strong, I remember building a PC and setting it up as a web server. In those exciting, pioneering days, it was quite something to be able to have my very own IP address on the internet and serve my own web pages directly from my Apache server to the world. Great fun. I also remember looking at the server logs in horror as I scrolled through pages upon pages of failed login, and presumably hacking, attempts. I'd buttoned things up pretty nicely from a security standpoint, but even so, it would only have taken a vulnerability in an unpatched piece of software for a breach to occur, and from there, all bets would have been off. Even today, many internet service providers will let you provision your own server, should you feel brave enough. Of course, the stakes were not high for me at home, but knowing what we know now about the growth of ransomware attacks and how AI is facilitating them, no organization would da...

The surge in DDoS attack traffic this year has been driven in part by the rapid expansion of IoT devices - from smart watches and home appliances to cars, hundreds of millions of new devices are joining the global internet. Many of these new devices feature poor security and are easily added to attacker's pool of botnets.  It is true that the DDoS threat grows alongside internet expansion. But the relationship isn't linear. The true catalyst behind this surge lies in the mass availability of botnet-for-hire platforms and low-barrier attack tools. Meanwhile, the number of high-value targets – such as financial institutions, governments, and critical infrastructure – remains relatively fixed. The result is a growing imbalance, in which more attackers are armed with more tools - targeting the same essential services with increasing frequency and complexity. How AI Makes DDoS More Dangerous  AI and machine learning are impacting the evolution of DDoS strategies and tactics. T...

Businesses are firmly in attackers' crosshairs. Financially motivated cybercriminals conduct ransomware attacks with record-breaking ransoms being paid by companies seeking to avoid business interruption. Others, including nation-state hackers, infiltrate companies to steal intellectual property and trade secrets to gain commercial advantage over competitors. Further, we regularly see critical infrastructure being targeted by nation-state cyberattacks designed to act as sleeper cells that can be activated in times of heightened tension. Companies are on the back foot. Leaders must be confident in their cyber posture: Are defenses up to the job of keeping attacks at bay? Does the leadership team have a complete understanding of the threats and risks the company faces? How can CEOs seize the initiative to get ahead of threats? Adoption of zero trust architectures to improve cyber defense Businesses that don't embrace true zero trust will find themselves increasingly vulnerable to br...

It's been reported that a new, generative AI worm dubbed "Morris II" has emerged. And for many, this new, generative AI worm is an understandable reason to panic.  Pushing back against hysteria, however, we discover that Morris II only targets AI apps and AI-enabled email assistants. No attack is a good one, but at least this one's very specific. More importantly, the recognition that just as AI is helping to accelerate and automate attacks, it will also drastically improve security efficacy.  While AI threatens to overwhelm reactive security teams with the pace and sophistication of its onslaught, it can likewise enable proactive prevention through predictive processes and controls. This is critical to giving security teams the chance to withstand the barrage that awaits them. Scaling alongside AI-enabled attacks There are two proactive efforts that scale well when accelerated attacks become the norm. Neither of these efforts need to be AI-powered to be effective against...

Despite the widespread adoption of DDoS protection solutions, disruptive DDoS attacks continue to make headlines. Why? Even "basic" attacks are bypassing established defenses, as evidenced by the recent DDoS attack on X.  Our analysis, based on over 100,000 hours of annual attack simulations, reveals that all deployed DDoS protections are highly vulnerable — gaps that often go unnoticed until an attack successfully disrupts services. With no effective way to address these weaknesses preemptively, organizations remain exposed. This article examines why DDoS attacks persist and continue to inflict significant damage. How Even Simple Attacks Bring Down the Best DDoS Protections In 2024, Cloudflare reported more than 25 million DDoS attacks - representing a 53% YoY increase. This growing number of DDoS attacks and their escalating cost from damage begs the question: What are we missing? And how can the risk of these attacks (and the damage they cause) be reduced?  Unlike oth...

Hackers are constantly scanning your network, often spotting vulnerabilities before you do. They're looking for misconfigurations, exposed assets, and weak points that could lead to a breach—are you seeing what they see? Every activity or interaction that your organization does online – website, social media accounts, cloud services, third-party integrations, and more – contributes to its digital footprint. This digital footprint is information attackers use to find your weaknesses and attempt to exploit them.  What if you could anticipate how hackers plan to exploit your vulnerabilities before they strike? Imagine identifying the weaknesses most enticing to an attacker—before they become exploited. Attack Surface Management (ASM) solutions help organizations continuously identify, monitor and manage aspects of public-facing IT assets, including those that may be forgotten. ASM is the tool in the battle of visibility – either you see your weaknesses first, or attackers will show ...

Most IT security professionals would agree that the key ingredient for safeguarding networks is "reducing the attack surface." Fewer avenues for breaches mean reduced risk and fewer incidents for an enterprise: Hackers can't attack what they can't see. Reducing attack surface is the key to securing your network, applications, and—most importantly—your data. Calling all servers . . . The "attack surface" comprises the sum of all exposed points through various vectors that an attacker could target to compromise a computing device or network. You can group the attack vectors into three main categories: the channel (a listening TCP/UDP port), assets (which include applications, services, webpages, files, executables, etc.), and access (user credentials). Below is a breakdown of the various attack vector options available to attackers. The channel —typically an exposed-to-the-internet communications protocol like TCP or UDP—allows all entities on the internet to communicate with each ot...

Coined in 2010 by Forrester Research , the term "zero trust" has long been hijacked by security vendors eager to take advantage of the hype that surrounds the concept. Today, it's so overused and misused that many see it as a meaningless buzzword—but that's far from the truth. In fact, its widespread misappropriation demonstrates the power of zero trust security. Why else would countless vendors try to capitalize on it? As they say, imitation is the sincerest form of flattery. Zero trust is not a mere label. Rather, zero trust is an architecture—though you'll also hear of a zero trust methodology, framework, paradigm, and infrastructure—and it's based on the idea of zero implicit trust, meaning no one should be trusted by default. The key zero trust principle of least-privileged access says a user should be given access only to a specific IT resource the user is authorized to access, at the moment that user needs it, and nothing more. Hence the zero trust maxim,...