Three questions every CxO should ask their ISP

Here is a question for all the CxOs. Why, as an accountable CxO, are you not asking your ISPs for the security basics? This week, the industry has yet another reflection amplification Denial of Service Attack vulnerability. memcached on port 11211 UDP & TCP being exploited walks through the details of this week’s attack vector. As seen in Akamai Read More

memcached on port 11211 UDP & TCP being exploited

  TLP:WHITE UPDATE: As of 2018-03-17 ( Morning Update), more attack using the memcached reflection vector have been unleashed on the Internet. As shared by  Akamai Technologies “memcached-fueled 1.3 Tbps Attacks,” the application factors are “Internet Impacting.” Mitigation and Remediation Efforts are reducing the number of potential memcached reflectors. Please keep up the good work. Operators are asked Read More

Using the DNS Resolver to Protect Networks

Smart organizations use the DNS Resolver to Protect Networks.  Here is why …   A typical story ….. Imagine walking in to work the first thing in the morning. Your staff comes into the office. They get their coffee, fire up their computer, and check out the morning industry news. Your staff is alert, applies Read More

CLDAP Reflection Attacks are Increasing! Why? Preventable!!!

Yes, CLDAP Reflection Attacks are increasingly used in DOS attacks! Everyone was warned! We have lots of data which illustrated how CLDAP is being used for reflection DOS attacks. Now we have the news from Netlab 360 that CLDAP is now the #3 protocol used for DOS reflection attacks – CLDAP is Now the No.3 Read More

Is it time to build an “SP Anti-DOS Alliance?”

Is it time to build an “SP Anti-DOS Alliance” is the first of several blogs. It will be a brain dump of what collaborative actions have and has not been working within the industry. Last week, I posted a Linkedin update on the Operator’s Security Toolkit. A long term colleague, Eddie Chan,  pointed out the Read More

Building and Investing in a Community of “Contacts”

Building and Investing in a Community of “Contacts.” We’re a world of people. People in communities. Communities that only work if people within that community invest in building, Foster, interconnect, and serve the individuals in that community. The community only grows with healthy investment and welcoming culture. All these factors are essential to taking a Read More

Filtering Exploitable Ports and Minimizing Risk to and from Your Customers

What are you doing to prepare for the next “scanning malware” and “Internet Worm?” Barry Greene @ bgreene@senki.org Version 1.0 TLP:WHITE Recommendation: Operators (CSPs, ISPs, Cloud Companies, and Hosting Companies) are strongly encouraged to deploy Port Filtering on the known Exploitable ports and Source Address Validation (SAV) on their customer edge of the network as Read More

Effective Linkedin Connections – Building Your Network

Effective Linkedin Connections Building Your Social Media Network How to Effectively Communicate (Version 0.4) This Empowerment Doc is for all those who are using Linkedin, Facebook, Google+, Twitter, and other social media tools build a professional network, seek out opportunities (i.e. jobs),  reach out with “cold calls,” and connect with other humans. Effective Linkedin Connection Connections Read More

Are you part of the DDOS Problem?

Yes, your network, your service provider, and your government can be actively contributing to the global Denial of Service (DoS) epidemic! DoS attacks come in two “families.” The first DoS family are from tools which are launched from infected, violated, and penetrated devices on the Internet. There “remote controlled” by the attackers to hit a Read More

Preparing for the next DDOS Wave

This week I was helping with a top 10 list to prepare for DDOS attacks. I did it without reviewing the industry to see the marketing overload of “prepare for DDOS steps.” These all seem to lead the one conclusion … “buy my product.” Steve Zurier (Dark Reading) and I pulled together these ten steps to Read More