Tsippi Dach explores some notable breaches caused by mis configuration s and how organizations can avoid becoming the next big headline.

CIFS and SMB are both Windows file-sharing protocols used in storage systems, such as network-attached systems (NAS). The key difference between CIFS and SMB is that CIFS is a dialect of SMB – a particular implementation of the SMB protocol. The CIFS protocol is now considered an outdated SMB dialect, with the newer SMB 2.0 and SMB 3.0 addressing many of the inefficiencies of CIFS.

In this modern world of fast-moving technology and handheld devices, it seems impossible to function properly without access to wireless internet. People all over the world from all walks of life rely on this wireless communication or Wi-Fi to complete their daily tasks and goals. From entertainment to business all things are done with the help of the wireless internet.

CIFS (Common Internet File System) is a network protocol that allows clients to communicate with servers and access file sharing and print services as if they were stored locally. The CIFS protocol is a particular implementation -- or dialect-- of the file-sharing protocol SMB (Server Message Block). The Server Message Block protocol was released by IBM in 1983 that has since undergone several modifications to its functionality by Microsoft.

In January 2022, Microsoft disclosed a remote code execution vulnerability for Internet Information Server (IIS) identified as CVE-2022-21907, which they have subsequently reported as wormable. Through Microsoft, Corelight Labs was able to review a proof of concept for an attack against the vulnerability. This blog presents an open source detection method that Corelight Labs is releasing to detect exploit attempts of CVE-2022-21907.

When we hear the word hacking, our minds immediately go to servers, computers and laptops being hacked, but hacking isn’t just for computers, Wi-Fi routers can get hacked as well and are no exception to cyber attacks.

The open ports in your hardware could be critical points of vulnerability if the services exposed to them are misconfigured or unpatched. Unfortunately, many organizations are currently exposing their sensitive resources through such malicious connections, heightening the risk of ransomware attacks, supply chain attacks, and data breaches.

A reverse Proxy server processes all traffic between end-users and a web server. To achieve this, this type of proxy server is situated at a network's edge as an additional endpoint where it receives all initial HTTP connection requests before they're sent to the origin server (where all website data is stored). Reverse proxies can be regarded as the security guard of your network, ensuring all connection requests are legitimate and securely established.

When a large government agency decided to refresh its infrastructure down to Layer 2 switches, Forward Networks data delivered over $6 million in savings. Like many companies around the world, this organization had challenges getting full visibility and the structure of its network, which had grown organically over time.