Password reset FAILURE: The U.S. Cybersecurity and Infrastructure Security Agency warns GitLab users of a 100-day-old, maximum severity vulnerability.

The post GitLab ‘Perfect 10’ Bug Gets a CISA Warning: PATCH NOW appeared first on Security Boulevard.

The blockchain analysis company is using a deep learning model, new AI techniques, and a massive dataset to better detect and track money laundering on a Bitcoin blockchain.

The post Elliptic Shows How an AI Model Can Identify Bitcoin Laundering appeared first on Security Boulevard.

Drop Dropbox? The company apologized as user details were leaked from its “Dropbox Sign” product.

The post Dropbox Hacked: eSignature Service Breached appeared first on Security Boulevard.

Network detection and response (NDR) provider Corelight has raised $150 million in a Series D funding round led by Accel.

The post Network Security Firm Corelight Raises $150 Million appeared first on SecurityWeek.

Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.

The post Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data  appeared first on SecurityWeek.

Venafi introduced a 90-Day TLS Readiness solution to help enterprises prepare for Google’s proposed 90-day limit for the lifecycle of a digital certificate.

The post Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle appeared first on SecurityWeek.

Nice Cup of IoTea? The UK’s Product Security and Tele­comm­uni­cations Infra­struc­ture Act aims to improve the security of net-connected consumer gear.

The post Brits Ban Default Passwords — and More IoT Stupidity appeared first on Security Boulevard.

While China-linked Muddling Meerkat’s operations look like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.

The post Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report appeared first on SecurityWeek.

Source: securityboulevard.com – Author: Krupa Patil SSH and SSL/TLS are two widely used cryptographic protocols for establishing secure connections and ensuring secure communication between two parties over an unsecured network. While both protocols offer the same benefits—authentication, encryption, and data integrity—they are designed for different use cases and have distinct features. Here is a deep […]

La entrada SSH vs. SSL/TLS: What’s The Difference? – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

SSH and SSL/TLS are two widely used cryptographic protocols for establishing secure connections and ensuring secure communication between two parties over an unsecured network. While both protocols offer the same benefits—authentication, encryption, and data integrity—they are designed for different use cases and have distinct features. Here is a deep dive into how they work, what […]

The post SSH vs. SSL/TLS: What’s The Difference? appeared first on Security Boulevard.

External penetration testing is a critical cybersecurity practice that helps organisations defend their internet-facing assets. By simulating the actions of a real-world attacker, external penetration tests reveal vulnerabilities in your web applications, networks, and other externally accessible systems. This post delves into the methodology, popular tools, associated costs, and step-by-step procedures of external penetration testing. …

External Penetration Testing: Cost, Tools, Steps, & Checklist Read More »

The post External Penetration Testing: Cost, Tools, Steps, & Checklist appeared first on Security Boulevard.

Smishing is hard to stamp out. Worse, bogus domains surpass the legitimate one during the holiday season, when more people expect packages.

The post USPS Phishing Scams Generate Almost as Much Traffic as the Real Site appeared first on Security Boulevard.

The capital investment firm Thoma Bravo will take Darktrace private, ending a three-year ordeal for the company on the London Stock Exchange.

The post Thoma Bravo to Buy Cybersecurity Firm Darktrace for $5.3 Billion appeared first on Security Boulevard.

MDM Hindered: Android phones are still OK; this is Samsung’s home, after all.

The post South Korean iPhone Ban: MDM DMZ PDQ appeared first on Security Boulevard.

Network penetration testing is an essential element of a business penetration testing strategy. It focused on the infrastructure assets such as networks, segmentation, network devices, and configuration. This post focuses on network penetration testing, its types, methodology, costs, tools, etc. 💡This Guide is part of our extenstive guide on penetration testing. What is network (infrastructure) …

Everything you need to know about network penetration testing [+checklist to follow] Read More »

The post Everything you need to know about network penetration testing [+checklist to follow] appeared first on Security Boulevard.

Okta warned of a spike in credential stuffing attacks using anonymizing services such as Tor, DataImpulse, Luminati, and NSocks.

The post Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies appeared first on SecurityWeek.

With cyber threats constantly evolving, protecting your network’s security is important. Network pen testing, also known as Network VAPT (Vulnerability Assessment and Penetration Testing), helps you attain this objective. It is a simulated cyber attack carried out by ethical hackers to detect and exploit flaws in your network infrastructure. What is Network Infrastructure? Network infrastructure […]

The post What is Network Pen Testing? appeared first on Kratikal Blogs.

The post What is Network Pen Testing? appeared first on Security Boulevard.

North American software developers have reasonable confidence that generative AI can be a tool to improve the security of the software they're building. In other regions? Not so much.

The post North American Developers Optimistic About Generative AI and Code Security appeared first on Security Boulevard.

Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.

The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.

A threat group that’s been around since last year and was first identified earlier this month is using three high-profile information stealers in a wide-ranging campaign to harvest credentials, financial information, and cryptocurrency wallets from targets around the world who were downloading the malware that masqueraded as movie files. Researchers with Cisco’s Talos threat intelligence..

The post CoralRaider Group Delivers Three Infostealers via CDN Cache appeared first on Security Boulevard.

Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks.

The post Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms appeared first on SecurityWeek.

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. 

The post SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking appeared first on SecurityWeek.

The new directive prohibits data disclosure when law enforcement agencies want to investigate people, healthcare providers, or others seeking reproductive care that is lawful where the care is given.

The post HHS Strengthens Privacy of Reproductive Health Care Data appeared first on Security Boulevard.

The health insurance giant also admitted that it paid a ransom to the threat group as its CEO prepares to testify before Congress May 1.

The post UnitedHealth: Ransomware Attackers Stole Huge Amount of Data appeared first on Security Boulevard.

Source: securityboulevard.com – Author: Jeffrey Burt The takedown this week of a massive phishing-as-a-service (PhaaS) operation spanned law enforcement agencies from both sides of the Atlantic and is the latest example of an increasingly aggressive approach by authorities to disrupt the operations of high-profile cybercriminal gangs. Agencies from 19 countries participated in the operation against […]

La entrada LabHost Phishing Platform is Latest Target of International Law Agencies – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities.

The post Cisco Unveils AI-Native Enterprise Security Solution Hypershield appeared first on SecurityWeek.

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves.

The post You Against the World: The Offenders Dilemma appeared first on SecurityWeek.

Zscaler announces plans to acquire Airgap Networks, a venture-backed startup selling network segmentation and secure access technologies.

The post Zscaler to Acquire Network Segmentation Tech Startup Airgap Networks appeared first on SecurityWeek.

SecurityWeek speaks to Tom Scholl, VP and distinguished engineer at AWS, on how the organization tackles IP Spoofing and DDoS attacks.

The post Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks appeared first on SecurityWeek.

In this increasingly digitized and interconnected world, the importance of network security cannot be emphasized enough. From protecting personal data to safeguarding sensitive business information, it plays a crucial role in ensuring smooth functioning and preventing cyber threats. But what exactly is network security? With so many types and methods of implementation available it can seem like a complex topic. As networks expand in size and complexity, the risk of cyber attacks escalates. For instance, IBM's Cost of a Data Breach 2023 report revealed that 82% of data breaches involved cloud-stored data, with substantial financial repercussions. The global average cost of a data breach stands at USD 4.45 million, while the figure exceeds USD 9.48 million in the United States alone. Let's discuss everything about network security.

What is Network Security With Example?

Network security, a critical aspect of cybersecurity, is dedicated to safeguarding computer networks and systems against both internal and external cyber threats and attacks. With three primary objectives, network security aims to:

• Prevent unauthorized access to network resources.
• Detect and halt cyber attacks and security breaches as they occur.
• Ensure secure access for authorized users to network resources when needed.

Network security measures are essential for protecting the integrity of network infrastructure, resources, and traffic, thereby mitigating the financial and operational impact of cyber attacks. Example: An example of network security in action is a company implementing a firewall to protect its internal network from unauthorized access. The firewall acts as a barrier between the company's internal network and the internet, monitoring incoming and outgoing traffic and blocking any suspicious or potentially harmful data packets. Additionally, the company may use intrusion detection and prevention systems (IDPS) to monitor network traffic for signs of malicious activity and automatically respond to threats in real-time. By implementing these network security measures, the company can help safeguard its sensitive data, applications, and systems from cyber threats.

How Does Network Security Work

Network security works by implementing various measures and technologies to protect computer networks from unauthorized access, cyberattacks, and other security threats. Here's how it works:

1) Access Control:

Network security employs access control mechanisms to regulate who can access the network and its resources. This includes user authentication through passwords, biometric scans, or multi-factor authentication, as well as authorization protocols to determine the level of access granted to each user.

2) Firewalls:

Firewalls are a fundamental component of network security. They act as a barrier between an organization's internal network and external networks, such as the Internet. Firewalls monitor and control incoming and outgoing network traffic based on predefined security rules, blocking unauthorized access and potentially malicious traffic.

3) Intrusion Detection and Prevention Systems (IDPS):

IDPS continuously monitors network traffic for signs of suspicious activity or known attack patterns. They analyze network packets in real time and raise alerts or take automated actions to block malicious traffic and prevent security breaches.

4) Encryption:

Encryption is used to secure sensitive data as it travels across the network. By encrypting data, even if intercepted by unauthorized parties, it remains unintelligible without the decryption key. Secure communication protocols like SSL/TLS are commonly used to encrypt data transmitted over networks.

5) Virtual Private Networks (VPNs):

VPNs establish secure, encrypted connections over public networks, such as the internet, enabling users to securely access a private network from remote locations. VPNs encrypt data transmitted between the user's device and the network, protecting it from interception by attackers.

6) Security Audits and Monitoring:

Regular security audits and continuous monitoring of network activity are essential for identifying vulnerabilities, detecting security incidents, and ensuring compliance with security policies. Monitoring tools provide visibility into network traffic, user activities, and system events, allowing security teams to detect and respond to threats promptly. Overall, network security involves implementing a combination of preventive, detective, and responsive measures to safeguard networks and the sensitive data they contain from cyber threats.

Types of Network Security

Network security systems operate at two levels: perimeter and internal. Perimeter security controls aim to prevent cyber threats from infiltrating the network. However, in cases where attackers breach these defenses, additional controls are implemented around internal network resources, such as laptops and data, to restrict unauthorized access. This multi-layered approach, known as "defense in depth," enhances security by adding multiple barriers between hackers and potential vulnerabilities. In constructing network security systems, security teams utilize various tools, including:

1) Firewalls

Firewalls, whether software or hardware-based, act as barriers that scrutinize incoming and outgoing traffic. They allow legitimate traffic to pass while blocking suspicious activity. Firewalls can be deployed at network edges or internally to segment larger networks into smaller subnetworks. This segmentation ensures that if one area is compromised, attackers are contained and prevented from accessing other network segments. Firewalls come in different types, each offering distinct features. Basic firewalls use packet filtering to inspect traffic, while advanced next-generation firewalls incorporate features like intrusion prevention, AI-driven threat detection, application control, and integration with threat intelligence feeds for enhanced protection.

2) Network access control

Network access control (NAC) solutions function as gatekeepers, verifying and permitting user access to the network while regulating their activities within it. Authentication is the process of confirming a user's identity and granting them appropriate permissions to access network resources. NAC solutions are commonly utilized to enforce role-based access control (RBAC) policies, which align user privileges with their job responsibilities. For instance, junior developers may have access to view and edit code but not deploy it, whereas senior developers may have broader permissions. RBAC enhances security by restricting unauthorized access to sensitive assets. Furthermore, some NAC solutions conduct risk assessments on users' devices to prevent unsecured or compromised endpoints from accessing the network. If a device lacks updated anti-malware software or has incorrect configurations, access is denied. Advanced NAC tools can even automatically remediate non-compliant endpoints.

3) Intrusion detection and prevention systems

Intrusion detection and prevention systems (IDPSs) complement network security by monitoring incoming traffic for potential threats.  Evolving from intrusion detection systems, IDPSs not only identify suspicious activity but also respond to threats automatically, such as by blocking malicious traffic or resetting connections. They excel at detecting and mitigating brute force attacks, denial of service (DoS), and distributed denial of service (DDoS) attacks.

4) Virtual private networks

Virtual private networks (VPNs) are cybersecurity tools that safeguard user privacy by encrypting data and concealing IP addresses and locations.  Rather than connecting directly to the Internet, VPN users connect to a secure server that accesses the Internet on their behalf. VPNs are particularly beneficial for remote workers, enabling secure access to corporate networks even when using unsecured public wifi networks. By encrypting user traffic, VPNs prevent hackers from intercepting communications and compromising sensitive information. Alternatively, some organizations employ zero trust network access (ZTNA) instead of VPNs. ZTNA utilizes zero-trust access control policies to securely connect remote users without relying on proxy servers. With ZTNA, remote users are granted access only to specifically authorized assets and must undergo re-verification for each new resource they access.

5) Application Security

Application security focuses on protecting applications and application programming interfaces (APIs) from cyberattacks. Given the prevalence of apps in business operations and data processing, they are prime targets for cybercriminals. Application security measures include:

• Web application firewalls.
• Runtime application self-protection.
• Static and dynamic application security testing to fortify apps against malicious threats.

6) Email Security

Email security is paramount in today's digital landscape, with phishing emerging as a prevalent initial cyberattack vector, according to the IBM Security® X-Force® Threat Intelligence Index. To combat phishing attacks and safeguard users' email accounts, email security tools play a crucial role. Most email services come equipped with built-in security features such as spam filters and message encryption to mitigate risks. Advanced email security tools may include sandboxes, which offer isolated environments for security teams to scrutinize email attachments for malware, ensuring thorough inspection without compromising network integrity.

Network Security Trends

Network security is an ever-evolving field, with emerging trends shaping the landscape of cybersecurity. Here are some noteworthy network security trends to watch:

1) Zero Trust Architecture (ZTA):

Zero Trust Architecture is gaining traction as organizations adopt a more proactive approach to network security. ZTA assumes that threats can originate from both inside and outside the network, requiring strict identity verification and continuous monitoring of all network traffic.

2) Cloud Security Posture Management (CSPM):

With the increasing adoption of cloud services, organizations are focusing on ensuring the security of their cloud environments. CSPM solutions provide visibility into cloud infrastructure, assess compliance with security policies, and detect misconfigurations and vulnerabilities.

3) Secure Access Service Edge (SASE):

Secure Access Service Edge is a comprehensive framework that integrates network security capabilities, such as secure web gateways, cloud access security brokers, and Zero Trust Network Access, into a unified architecture. SASE enables organizations to secure network access for remote users and branch offices while leveraging cloud-based security services.

4) Artificial Intelligence (AI) and Machine Learning (ML):

AI and ML technologies are increasingly being used to enhance network security capabilities. These technologies enable predictive threat detection, anomaly detection, and automated response to security incidents, helping organizations stay ahead of evolving threats.

5) Identity and Access Management (IAM):

Identity and Access Management solutions play a critical role in network security by managing user identities, enforcing access controls, and ensuring compliance with security policies. IAM solutions are evolving to support Zero Trust principles and provide seamless authentication and authorization across hybrid environments.

6) Endpoint Detection and Response (EDR):

Endpoint Detection and Response solutions are essential for detecting and responding to threats targeting endpoints, such as laptops, desktops, and mobile devices. EDR solutions leverage advanced detection techniques and behavioral analytics to identify suspicious activities and contain threats before they spread.

7) Network Segmentation and Micro-Segmentation:

Network segmentation and micro-segmentation are essential strategies for limiting the impact of security breaches and containing lateral movement within networks. By dividing networks into smaller, isolated segments, organizations can enforce stricter access controls and reduce the attack surface.

8) Threat Intelligence Sharing and Collaboration:

Threat intelligence sharing and collaboration initiatives enable organizations to share information about emerging threats, attack techniques, and indicators of compromise. By participating in threat intelligence communities and sharing threat data, organizations can enhance their ability to detect and respond to cyber threats effectively. Network security trends such as Zero Trust Architecture, Cloud Security Posture Management, AI and ML, IAM, EDR, network segmentation, and threat intelligence sharing are shaping the future of cybersecurity, helping organizations stay resilient against evolving threats in an increasingly digital world.

Common Types of Networking Attacks

Networking attacks come in various forms, each aiming to exploit vulnerabilities in network infrastructure or protocols. Here are some common types: 1) Denial-of-Service (DoS) Attack: In a DoS attack, the attacker floods the target network or system with traffic, rendering it unavailable to legitimate users. 2) Distributed Denial-of-Service (DDoS) Attack: Similar to DoS, DDoS involves multiple systems coordinated to flood the target with traffic, amplifying the impact and making mitigation more challenging. 3) Man-in-the-Middle (MitM) Attack: In a MitM attack, the attacker intercepts and possibly alters communication between two parties without their knowledge. This allows them to eavesdrop on sensitive information. 4) Phishing Attacks: Phishing attacks use deceptive emails or messages to trick users into revealing confidential information, such as login credentials or financial details. 5) SQL Injection: SQL injection involves injecting malicious SQL queries into input fields of web applications to manipulate databases or gain unauthorized access. 6) Cross-Site Scripting (XSS): XSS attacks inject malicious scripts into web pages viewed by other users, allowing attackers to steal information or hijack sessions. 7) DNS Spoofing: DNS spoofing involves manipulating DNS resolution to redirect users to malicious websites, leading to data theft or malware installation. 8) ARP Spoofing: ARP spoofing attacks exploit the Address Resolution Protocol (ARP) to associate a legitimate IP address with the attacker's MAC address, enabling packet interception or network disruption. 9) Port Scanning: Port scanning involves scanning a network for open ports and services to identify potential entry points for unauthorized access or exploitation. 10) Eavesdropping: Eavesdropping attacks involve passive monitoring of network communications to intercept sensitive information, such as login credentials or financial data. Understanding these common types of networking attacks is essential for implementing effective security measures to protect against them.

Why Do Businesses Need Network Security?

Businesses need network security to safeguard their sensitive data, preserve operational continuity, and protect their reputation. Here's why:

1) Data Protection:

Businesses store a vast amount of sensitive information, including customer data, financial records, and intellectual property, on their networks. Network security measures help prevent unauthorized access, data breaches, and theft of valuable information.

2) Operational Continuity:

Network security measures, such as firewalls, intrusion detection systems, and backups, help ensure the uninterrupted operation of business networks. By mitigating the risk of cyberattacks and system failures, network security safeguards critical business functions and maintains productivity.

3) Regulatory Compliance:

Many industries are subject to stringent regulatory requirements regarding data protection and privacy. Implementing robust network security measures helps businesses comply with relevant regulations, avoiding legal consequences, fines, and reputational damage.

4) Protection Against Cyber Threats:

Cyber threats, such as malware, ransomware, phishing attacks, and DDoS attacks, pose significant risks to businesses. Network security solutions help detect, prevent, and mitigate these threats, reducing the likelihood of successful cyberattacks and their associated costs.

5) Preservation of Reputation:

A data breach or security incident can severely damage a business's reputation and erode customer trust. By investing in network security, businesses demonstrate their commitment to protecting customer data and maintaining trust, safeguarding their reputation and long-term success.

6) Competitive Advantage:

Businesses with robust network security measures in place can differentiate themselves from competitors by offering customers greater peace of mind and assurance of data protection. This competitive advantage can enhance customer loyalty and attract new business opportunities. In summary, network security is essential for businesses to protect their valuable data, maintain operational continuity, comply with regulations, defend against cyber threats, preserve their reputation, and gain a competitive edge in the marketplace.

Wrapping Up!

Network security is a vital aspect of protecting your personal and professional information in today's digital world. Not only does it help safeguard sensitive data from external threats, but it also ensures the smooth operation of your network and devices. We have explored the different benefits of network security, such as preventing cyber attacks, maintaining privacy, and ensuring compliance with regulations. Additionally, we have delved into the various types of network security measures available, including firewalls, antivirus software, and encryption. It's essential to understand that no single solution can guarantee complete protection against cyber threats. Therefore, it's crucial to implement multiple layers of security to create a robust defense system for your network. By incorporating proper network security protocols and regularly updating them, individuals and businesses alike can stay ahead of potential hackers who are constantly evolving their tactics to bypass security measures.

Key Highlights

• Network security encompasses various measures and strategies aimed at protecting computer networks and data from unauthorized access, misuse, and cyber threats.
• One of the primary goals of network security is to prevent unauthorized access to network resources, ensuring that only authorized users and devices can access sensitive information and perform specific actions within the network.
• Network security measures ensure the integrity and confidentiality of data transmitted and stored within the network.
• With the evolution of technology, network security continues to evolve, incorporating emerging technologies such as artificial intelligence (AI), machine learning (ML), blockchain, and quantum cryptography to enhance threat detection, prevention, and response capabilities.

FAQ's

1) What is network security? Network security refers to the measures and practices implemented to protect a computer network from unauthorized access, misuse, modification, or denial of service. 2) Why is network security important? Network security is vital to safeguard sensitive data, maintain the integrity of systems and networks, protect against cyber threats, ensure regulatory compliance, and uphold user privacy. 3) What are the benefits of network security? Network security helps prevent unauthorized access to sensitive information, minimizes the risk of data breaches, enhances system reliability and uptime, maintains business continuity, and protects against financial losses and reputational damage. 4) What are the types of network security? Common types of network security include firewalls, intrusion detection/prevention systems (IDPS), virtual private networks (VPNs), network access control (NAC), application security, email security, and endpoint security. 5) How does network security work? Network security works by implementing various security measures such as access controls, encryption, authentication, and monitoring to detect and mitigate potential threats and vulnerabilities within a computer network.

Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.

The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek.

Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers.

The post Cisco Warns of Vulnerability in Discontinued Small Business Routers appeared first on SecurityWeek.

This week on the Lock and Code podcast…

Few words apply as broadly to the public—yet mean as little—as “home network security.”

For many, a “home network” is an amorphous thing. It exists somewhere between a router, a modem, an outlet, and whatever cable it is that plugs into the wall. But the idea of a “home network” doesn’t need to intimidate, and securing that home network could be simpler than many folks realize.

For starters, a home network can be simply understood as a router—which is the device that provides access to the internet in a home—and the other devices that connect to that router. That includes obvious devices like phones, laptops, and tablets, and it includes “Internet of Things” devices, like a Ring doorbell, a Nest thermostat, and any Amazon Echo device that come pre-packaged with the company’s voice assistant, Alexa. There are also myriad “smart” devices to consider: smartwatches, smart speakers, smart light bulbs, don’t forget the smart fridges.

If it sounds like we’re describing a home network as nothing more than a “list,” that’s because a home network is pretty much just a list. But where securing that list becomes complicated is in all the updates, hardware issues, settings changes, and even scandals that relate to every single device on that list.

Routers, for instance, provide their own security, but over many years, they can lose the support of their manufacturers. IoT devices, depending on the brand, can be made from cheap parts with little concern for user security or privacy. And some devices have scandals plaguing their past—smart doorbells have been hacked and fitness trackers have revealed running routes to the public online.

This shouldn’t be cause for fear. Instead, it should help prove why home network security is so important.

Today, on the Lock and Code podcast with host David Ruiz, we’re speaking with cybersecurity and privacy advocate Carey Parker about securing your home network.

Author of the book Firewalls Don’t Stop Dragons and host to the podcast of the same name, Parker chronicled the typical home network security journey last year and distilled the long process into four simple categories: Scan, simplify, assess, remediate.

In joining the Lock and Code podcast yet again, Parker explains how everyone can begin their home network security path—where to start, what to prioritize, and the risks of putting this work off, while also emphasizing the importance of every home’s router:

Your router is kind of the threshold that protects all the devices inside your house. But, like a vampire, once you invite the vampire across the threshold, all the things inside the house are now up for grabs.

Carey Parker

Tune in today to listen to the full conversation.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

---

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.