#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News

Network Security | Breaking Cybersecurity News | The Hacker News

Category — Network Security
Zero Trust Security, Why It's Essential In Today's Threat Landscape

Zero Trust Security, Why It's Essential In Today's Threat Landscape

Jan 16, 2025
Coined in 2010 by Forrester Research , the term "zero trust" has long been hijacked by security vendors eager to take advantage of the hype that surrounds the concept. Today, it's so overused and misused that many see it as a meaningless buzzword—but that's far from the truth. In fact, its widespread misappropriation demonstrates the power of zero trust security. Why else would countless vendors try to capitalize on it? As they say, imitation is the sincerest form of flattery. Zero trust is not a mere label. Rather, zero trust is an architecture—though you'll also hear of a zero trust methodology, framework, paradigm, and infrastructure—and it's based on the idea of zero implicit trust, meaning no one should be trusted by default. The key zero trust principle of least-privileged access says a user should be given access only to a specific IT resource the user is authorized to access, at the moment that user needs it, and nothing more. Hence the zero trust maxim,...
Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future

Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future

Nov 25, 2024
As I usually say: 'attackers are lazy'. In other words, they always follow the path of least resistance. As defenders catch up with their tactics, techniques, and procedures, the asymmetric gap between offensive and defensive capability shrinks, pushing attackers to shift their battlefield strategy, perpetuating a game that repeats over and over again. Take, for example, endpoint protection. For the last few years, endpoint protection, detection, and response have been the centerpiece of security strategies. As modern endpoint security products get better at anticipating threats based on AI-based engines, providing richer visibility and more contextual detection capabilities, attackers are pivoting away from them, looking for 'blind spots' in your architecture, leveraging vulnerabilities and misconfigurations in network devices, supply chains, and even firmware embedded deep within devices, areas where security visibility is limited. This trend is particularly significant due to the ...
Beyond Castle Walls: Operational Technology and Zero Trust

Beyond Castle Walls: Operational Technology and Zero Trust

Nov 12, 2024
Throughout history, societies have protected their most valuable assets by building walls, fortresses, and moats. Whether it was a medieval castle or an ancient city-state, security meant keeping threats on the outside and creating barriers around the things that mattered most.  We took these principles with us as we moved into the digital age, designing network security with firewalls, access controls, and gated perimeters to protect digital assets. Firewalls and network devices became our virtual walls, defining trusted and untrusted zones, and keeping the "bad actors" at the gate. For years, this perimeter-based approach was the primary line of defense in the world of cybersecurity, establishing a digital fortress around systems and data. But just as history has shown us that walls and borders can be breached, so too has modern cybersecurity taught us that no perimeter is foolproof. As organizations increasingly connect their IT systems to the wider internet and integrate the...
Best Practices for Integrating ZTNA with Existing Security Infrastructure

Best Practices for Integrating ZTNA with Existing Security Infrastructure

Aug 15, 2024
Many organizations might not find it easy to integrate existing security infrastructure with zero-trust network access (ZTNA) solutions. At first glance, ZTNA bolsters the safety and flexibility of having a distributed staff. However, implementing such systems can be challenging as they may clash with older systems and existing security protocols. To begin with, security teams need to take into account the current architecture, potential friction points, and how user experience should be seamless when integrating ZTNA. Thankfully, there are rising tools and methodologies that make this process less complicated in order for companies to gain all the advantages of ZTNA without compromising their present state of security. To help you through this process smoothly without compromising your cybersecurity strategy, here are some best practices on how you can successfully implement ZTNA using your existing security infrastructure. Why should businesses implement ZTNA? Organizations cont...
7 Resources to Inform Your Next Hunt for Malicious Infrastructure

7 Resources to Inform Your Next Hunt for Malicious Infrastructure

Jul 16, 2024
So you're going on a threat hunt…and you want to catch a big (malicious) one. Identifying malicious infrastructure can be a particularly daunting threat-hunting objective. Attackers who are intent enough on setting up things like C2 networks, phishing sites, and impersonated domains, are also, not surprisingly, often very good at hiding their tracks with tactics ranging from the use of proprietary VPNs to compromised intermediary services. So even when malicious infrastructure is visible, source attribution can remain a thorny problem. That said, there are tools like Censys Search that can make the challenge of tracking and understanding malicious infrastructure more achievable. Consider the following user stories, how-to articles, and videos for insights you can use to inform, inspire, and even supercharge your next investigation into malicious infrastructure. 7 Resources Worth a Read (or Watch) 1. How to Identify Malicious Infrastructure: Demo Let's start with a quick video ...
Cybersecurity Resources