Problem solve

IPv6 security and network protocols security

• LDAP injection: How was it exploited in a Joomla attack?

  After eight years, Joomla discovered an LDAP vulnerability that could be exploited by threat actors. Learn how the attack works from expert Matt Pascucci. Continue Reading

• How to detect and defend against a TCP port 445 exploit

  The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend such attacks. Continue Reading

• How to use an interface identifier to check for IPv6 network updates

  To find out if your IPv6 network has been updated to RFC 7217, you can perform a test using the interface identifier. Expert Fernando Gont explains how to do this. Continue Reading

• How does IP hijacking work and how can it be prevented?

  IP hijacking incidents are on the rise because IP addresses can be easily targeted. Expert Judith Myerson explains how these attacks work and how they can be prevented. Continue Reading

• Using IPv6 atomic fragments for a denial-of-service attack

  IPv6 atomic fragments can be dangerous for enterprises. Expert Fernando Gont explains their relation to a new denial-of-service attack vector and how to mitigate the threat. Continue Reading

• DNS reverse address mapping: Exploiting the scanning technique

  Scanning IPv6 addresses can be made easy with DNS reverse mapping. In part two of this series, expert Fernando Gont explains how this technique can be exploited and mitigated.Continue Reading

• How does DNSChanger take advantage of WebRTC protocols?

  WebRTC protocols are being targeted by a new version of the DNSChanger exploit kit. Judith Myerson explains how these attacks work and what enterprises should know.Continue Reading

• How can enterprises fix the NTP daemon vulnerability to DoS attacks?

  A recently patched NTP daemon vulnerability has put enterprises at risk. Expert Matthew Pascucci explains the vulnerability and how organizations can defend against it.Continue Reading

• Risk & Repeat: Corero on DDoS defense in the IoT era

  In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats.Continue Reading

• Risk & Repeat: Rapid7 tackles IoT threats, vulnerabilities

  In this episode of SearchSecurity's Risk & Repeat podcast, Tod Beardsley and Rebekah Brown of Rapid7 talk about the IoT threat landscape and improving IoT device security.Continue Reading

• How to handle out-of-band management for network infrastructure

  Out-of-band management can be used for handling network infrastructure. Expert Judith Myerson explains the benefits of out-of-band management and how it can be implemented.Continue Reading

• The security risks of network sensors in the enterprise

  The proliferation of network sensors for embedded systems and IoT devices can create problems for enterprises. Expert Kevin Beaver explains the risks these sensors pose.Continue Reading

• Will TLS 1.3 solve the problems of certificate authorities?

  Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols have long been the cornerstone of Web application security, and the whole process finds its root (quite literally) in a system of signed certificates. The trouble ...Continue Reading

• Can eavesdropping over the SS7 protocol be prevented?

  Recently revealed insecurities in SS7 have left many unsure about the well-used protocol needed for phone connections. However, the answer to achieving security is not easily obtained.Continue Reading

• The Third Network: What are the security risks for Ethernet as a service?

  Ethernet as a service, or the Third Network, aims to deliver faster services to users across carriers and providers, but what are the risks? Network security expert Kevin Beaver explains.Continue Reading