The modern world thrives on the internet, even if there are some bizarre unintended consequences from tying everything to an Ethernet cable or wireless signal. And as networks grow, the demand for people who know how to design, build, maintain, and protect them becomes even more important. The 2021 Cisco CCNA & CCNP Certification Training Bundle will get you the certifications you need to become a professional network engineer.

Both certifications were created by the networking company Cisco as they realized their products were becoming more complex, while educational materials weren't keeping up. For IT professionals, that's meant getting two key certifications, starting with the Cisco Certified Network Associate certification, or CCNA. Tied to the #200-301 exam, a CCNA certifies that you're able to set up, run, and maintain a network for a small or medium-sized business.

The first course in this bundle explores that in detail with 150 lectures across nearly 47 hours discussing routing protocols, WAN technology, device monitoring and management and security fundamentals. Whether you're new to IT or just want to update your skills, it's perfect for all levels.

Then the bundle turns to the Cisco Certified Network Professional certification, or CCNP. This expands on what you learned in the CCNA course to apply it to much larger networks, adding network architecture lessons, how to employ virtualization for users, and network infrastructure and assurance. Even if you're not going for your CCNP, it's information worth knowing for any IT professional or engineer who will deals with networks.

Courses are run by ITU Online Training, which has won a ton of industry awards, including honors at the Best in Biz Awards and the Cybersecurity Excellence Awards.

The demand for IT networking professionals is only growing, and a certification will help you move forward in your career, or launch a new one. The 2021 Cisco CCNA & CCNP Certification Training Bundle is normally $198, yet right now you can save 74% and get both courses for just $49.99.

Prices subject to change.

Futurism fans: To create this content, a non-editorial team worked with an affiliate partner. They may collect a small commission on items purchased through this page. This post does not necessarily reflect the views or the endorsement of the Futurism.com editorial staff.

Cisco on Wednesday unveiled a wide range of networking and storage switches, UCS equipment, and software aimed at unifying customers' entire data center infrastructures and helping prepare them for their step up into the cloud.

Cisco also outlined several changes to its channel program the company said would make it easier for its solution provider partners to tie the new infrastructure products to complete solutions.

The new hardware and software help cement Cisco's position as the premier provider of end-to-end data center infrastructure equipment, said Omar Sultan, senior manager for Cisco's data center architecture.

"We're in a different position when compared to their competitors," Sultan said. "We have a full product portfolio with a broad vision and the ability to execute against that vision."

One of the bases of that vision is Cisco's Unified Fabric, which refers to the company's ability to provide end-to-end network convergence, Sultan said.

To help Strengthen that convergence, Cisco introduced two new series of Nexus data center switches along with enhanced connectivity and management capabilities across a wide range of its data center networking product line.

The company unveiled the Nexus 5548UP 48-port and Nexus 5596UP 96-port data center switches with unified port capability. These two switches not only increase the port count over previous models, they also allow customers to configure every one of the ports for Gbit Ethernet, 10-Gbit Ethernet, Fibre Channel over Ethernet (FCOE), or 8-Gbit Fibre Channel, Sultan said.

Cisco in the second half of 2011 plans to add its FabricPath technology to its Nexus 5000 switches. FabricPath is a scalable virtual networking technology that combines networking Layer 2 flexibility and Layer 3 scalability to allow virtual machine portability across an entire network. It is Cisco's subset of the proposed TRILL (Transparent Interconnect of Lots of Links) protocol, Sultan said.

Also new are the Cisco Nexus 3000 Series switches which provide low latency of less than 1 microsecond from port-to-port in a high-density 10-Gbit Ethernet environment. The Nexus 3000 switches are designed for high-performance computing environments running high-speed financial and other applications, he said.

For its Nexus 7000 Series switches, Cisco is adding the ability to support up to 1,500 Gbit Ethernet or 1,000 10-Gbit Ethernet ports. The company is also adding new Layer 3 VPN capabilities. The enhancements are scheduled to ship next quarter, Sultan said.

Cisco introduced two new enhancements to its fabric extender technology (FEX). FEX technology is a series of 1U appliances which let a parent Nexus switch provide a scalable unified server-access platform across a range of Ethernet and blade server environments.

The first enhancement, Adapter FEX, allows a single physical network interface card (NIC) to be split into multiple NICs, making it easier to utilize existing NICs to manage applications in virtualized environments.

The second enhancement, VM-FEX, extends the switching fabric to connect directly to server hypervisors in virtualized environments in order to consolidate virtual and physical access layers into a single point of management, Sultan said.

Cisco is also enhancing end-to-end network convergence from servers to storage with the addition of multi-hop FCoE capabilities to its Nexus 7000 and Nexus 5000 data center switches and its MDS 9500 storage switches.

Multi-hop FCoE allows up to seven "hops" or connections between the storage host and target, compared to typical FCoE technology which provides only a single hop, Sultan said. "This allows you to move your convergence point closer to the SAN," he said.

Next: Helping Prepare Data Centers For The Cloud

To help prepare customers' data center infrastructures for cloud services, Cisco is preparing to implement the Locator/Identifier Separation Protocol (LISP).

LISP breaks the connection between the identity of a user of a workload and that user's location, making it possible to move workloads regardless of where the user is located, Sultan said. For instance, in follow-the-Sun applications which move from data center to data center over the course of a day, LISP will allow a workload to move while maintaining the same IP address so that users can find it wherever it is, he said. LISP also enables workloads to move to and from the cloud without breaking the IP address, he said.

For its Catalyst 6500 storage switches, Cisco is introducing several new modules including new ACE-30 for dynamic workload balancing, the ASA Service Module firewall appliance, and the ES-50 module with the DCI (Data Center Interconnect) interconnect to allow 40-Gbit bandwidth between two 6500s, Sultan said.

On the server side, Cisco is upgrading its Cisco UCS (Unified Computing System), which combines networking, blade servers, storage, core switching, routing, security, and voice over IP (VoIP) into a single architecture.

The company introduced a new blade server, the UCS C260 M2, which features two sockets for the Intel Westmere-EX processors, up to 1 TB of memory, and up to 16 SSDs or hard drives totaling up to 9.6 TBs of storage capacity. The UCS C260 M2 is targeted at OLTP (online transaction processing) and data warehousing applications, Sultan said.

Cisco is also updating its UCS C460 M2, UCS B440 M2, and UCS B230 M2 servers with the Westmere-EX processors.

For solution providers, Cisco is offering new promotions and enhancing its channel program to go with the new unified data center offerings, said Dave Gronner, senior manager of worldwide channels for data center technologies at Cisco.

In the second half of 2011, Cisco plans to offer a new data center and cloud accelerator promotion which provides solution providers additional backend rebates on incremental deals, Gronner said. The company will also increase the backend rebate for incremental data center solutions sold into registered deals. Gronner declined to specify the amount of the additional rebates.

Cisco also introduced a new remote data center and virtualization lab that allows channel partners to log in with customers to play with and demonstrate the new solutions, Gronner said.

"Not every partner can restructure its own labs for a new demo," he said. "Partners can run their own labs. But we're giving them the benefit of a large environment which they don't need to run on their own."

Cisco is also providing its partners with new tools to do data center assessments for customers. These tools, which go beyond those which Cisco has offered for years for network assessments, let solution providers to do an inventory analysis of data center equipment and identify potential issues related to latency, gaps, or CPUs, Gronner said.

"These assessments are one of the most powerful ways for partners to identify issues and help customers solve them," he said.

Finally, Cisco is introducing complete data center marketing campaigns that partners can use, Gronner said. These "campaigns-in-a-box" include all the collateral solution providers need to develop their campaigns, and within the next two months will encompass all the new products released unveiled on Wednesday, he said.

The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We’ll focus on three syllabus covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader malware.

More ransomware actors switched to extortion rather than encryption, while commodity loaders evolved to be stealthier and highly effective, although new major security improvements have seen the day in 2023, such as Microsoft Office disabling macros by default. Network devices are increasingly impacted by cybercriminals and state-sponsored threat actors.

Jump to:

The ransomware cybercriminal ecosystem changed

Most targeted vertical

In terms of ransomware, the most targeted vertical, as observed by Cisco Talos in 2023, was the healthcare and public health sector, which is not surprising since the organizations in that sector often suffer from underfunded budgets for cybersecurity and low downtime tolerance (Figure A). In addition, those organizations are interesting targets because they possess protected health information.

Figure A

Some ransomware groups have been changing

The most active ransomware group for the second year in a row was LockBit (25.3% of the total number of posts made to data leak sites), followed by ALPHV (10.7%) and Clop (8.2%).

Yet some ransomware groups kept changing in 2023; those structures often merged or rebranded in an attempt to confuse law enforcement and researchers tracking them. The cybercriminals active in the field often work for several ransomware-as-a-service services at the same time.

Multiple leaks of ransomware source code and builders also affected the ransomware threat landscape because these allowed more people (even those with little technical knowledge) to start their own operations.

Zero-days exploited at an unprecedented pace

Highly technical actors have been exploiting zero-day vulnerabilities at an unprecedented pace. The Clop ransomware group in particular has been able to exploit multiple zero-day vulnerabilities, including vulnerabilities in the GoAnywhere MFT platform, MOVEit and PaperCut.

Cisco Talos states that “Clop’s repeated efforts to exploit zero-day vulnerabilities is highly unusual for a ransomware group given the resources required to develop such capabilities,” yet it is still unsure that they do develop exploits on their own. When questioned about it in an email interview, a Cisco spokesperson told TechRepublic, “Because of the murkiness in the relationships that constitute the ransomware ecosystem, it can be difficult to accurately parse out which personnel/organizations are responsible for which actions. Because of this, they do not have direct insight into how Cl0p obtained the 0days and have not observed any indications that they purchased them. Regardless of whether they developed them themselves or purchased them, the usage suggests Cl0p is well-resourced, either in engineering talent or in finances and connections that would allow them to obtain from a third party.”

More affiliates are using a data theft extortion model

Another remarkable shift in the ransomware threat landscape is that more affiliates are now switching to a data theft extortion model rather than the usual encryption model. In these attacks, cybercriminals do not deploy ransomware; instead, they steal organizations’ sensitive information before asking for a ransom.

The improvements in ransomware detection capabilities from Endpoint Detection and Response and Extended Detection and Response software might be one reason for switching tactics and stopping deploying ransomware on the targeted systems. Cisco Talos also suspects the aggressive pursuits from U.S. and international law enforcement against ransomware actors might be another reason for that change.

Network infrastructure attacks increased

Cisco Talos observed an increase in attacks on networking devices in 2023, particularly attacks operated by China- and Russia-based groups looking to advance espionage objectives and facilitate stealthy operations against secondary targets. The researchers observed such activity from other cybercriminals, including initial access brokers and ransomware threat actors.

Weak security on network devices

Networking devices, although being key components to any organization’s IT infrastructure, are not often examined from a security point of view and are often poorly patched, making them an interesting target for cybercriminals. Yet those devices often run on non-standard operating systems, rendering their exploitation harder by cybercriminals but also unmonitored by standard security solutions.

The typical compromise of those devices starts with threat actors exploiting unpatched vulnerabilities, weak or default credentials, or insecure device configuration.

A Cisco spokesman told TechRepublic that “the continued prevalence of default credentials may be partly explained by the sheer number of vendors and products combined with the lack of uniform standards/best practices. The move away from default credentials should certainly help Strengthen the situation. It is important to note that weak credentials can also be exploited if the actor is able to brute-force or password-spray, and that access brokers still achieve success in obtaining credentials and selling them on the dark web. This means that even if organizations are not using default credentials, it’s essential they create unique and complex passwords, employ MFA where possible, and emphasize additional security measures such as segmentation and IR planning as well.”

Targeted devices had a high severity score

Vulnerabilities affecting network devices in 2023 all had a high severity score, meaning those devices were easily exploitable and had the potential to cause significant operational impact, according to Cisco Talos.

Once compromised, those devices allow attackers to capture sensitive network information, facilitating further access to the target’s networks. Attackers also might plant malware on the devices to establish an initial foothold in the target’s infrastructure without the need for any authentication, or to redirect network traffic to actor-controlled servers. Finally, the devices are also often used by attackers as anonymization proxies for conducting attacks on other targets.

Commodity loader malware evolved

Commodity loader malware such as Qakbot, Ursnif, Emotet, Trickbot and IcedID have been around for years. They were initially banking trojans, looking for credit card information theft on infected computers.

In late 2023, new variants of IcedID and Ursnif appeared with a striking difference as compared to their older versions: Their banking trojan capabilities had been removed, and their dropper functionalities had been improved. The IcedID new samples have been used by initial access brokers known for commonly selling network accesses to ransomware groups. The latest Ursnif variants were used by the Royal ransomware group.

Qakbot also evolved, deploying new features ideally suited to help ransomware groups.

This evolution from banking trojan to loader is attractive for cybercriminals who want to be stealthier; the banking trojan function removal renders those malware less detectable.

The infecting vector for Qakbot, IcedID and Ursnif evolved, as Microsoft’s new security measures on Office products affected the malware threat landscape, forcing cybercriminals to find new ways to use macros undetected or avoid using them completely (Figure B).

Figure B

Threat actors used different methods compared to previous years for spreading their malware and infecting devices, such as using JavaScript, PowerShell, OneNote documents, or HTA files, to name a few. They also used the Google Ads platform to deploy malware such as Ursnif, IcedID or Trickbot, fully avoiding macros.

Some other threat actors deploying Emotet, IcedID and Ursnif have been observed using older methods with macros, probably because the success rate on unpatched enterprise legacy systems is still high.

How to protect your business from these cybersecurity threats

The threat landscape evolves to suit cybercriminals’ needs, and your security team needs to ensure its mitigation strategies are keeping up with the trends. Here are some tips for securing your business from these cyberthreats. In addition, all operating systems and software must be up to date and patched to avoid being compromised by common vulnerabilities.

Ransomware

Access control mechanisms should be carefully reviewed in all corporate environments, and data segmentation should be applied for storing sensitive data because ransomware threat actors are increasingly trying to steal sensitive data rather than encrypt it.

Network devices

Network devices must be up to date and patched. Default passwords, if any, must be changed to strong passwords. All of the devices’ configuration files should be carefully analyzed and tuned to avoid any malicious exploitation. When possible, multifactor authentication must be deployed on those devices. Also, inbound and outbound communications from the devices should be monitored to detect malicious communication.

Commodity loaders

The main families of commodity loaders have dropped their banking trojan capabilities to be lighter and stealthier, even without using macros — often to facilitate ransomware operations. Organizations should educate their employees to handle more file types with caution, such as PDF files or ZIP archives that might contain malicious files.

Disclosure: I work for Trend Micro, but the views expressed in this article are mine.

Udemy’s Complete Cryptocurrency Investment Course covers all of the fundamentals of cryptocurrency investing in an affordable, self-paced, mobile-friendly format, making it the best overall cryptocurrency trading course on their list.

Founded in 2009, Udemy has since grown to become one of the largest online learning platforms offering over 210,000 courses taught by more than 75,000 instructors in 75 languages. Its Complete Cryptocurrency Investment Course introduces students to the basics of cryptocurrencies and advances them quickly into investing techniques featuring live examples. As a result, it’s their clear choice as the best course overall.  

The Complete Cryptocurrency Investment Course is led by Mohsen Hassan, a programmer, trader, and financial risk manager who has taught investing to more than 300,000 Udemy students. The course consists of over 12.5 hours of on-demand video, one article, and two downloadable resources and can be accessed on the Udemy mobile app.

The Complete Cryptocurrency Investment Course walks beginners through the fundamentals of cryptocurrency and quickly moves to live examples of buying, transferring, and using wallets as well as portfolio management techniques for both passive and active investing. Through this course, Hassan buys, transfers, secures, and builds a portfolio with real money so students can see exactly how it’s done.

The Complete Cryptocurrency Investment Course costs just $99.99 and includes full lifetime access, a certificate of completion at the end of the course, and a 30-day money-back guarantee. Udemy runs specials all the time, so you may be able to purchase the course for a much lower price.