0005 - Operational Security Community 2017-09-05

Questions to ask vendors to gauge their commitment to “secure products”

The Bloomberg article, “How Russian Hackers Stole the Nasdaq,” is a sobering insight into today’s risk. It should be a wake up call for all organizations in all parts of the world to understand that even the best security teams are facing an overwhelming threat. The focused expertise used by today’s cyber-criminals is often beyond the capabilities Read More

0005 - Operational Security Community 2017-09-05

Korea LTE Operators Drive an Ecosystem to Ensure Profitability

“Little things” matter in the telecommunications business. The difference between profitability and “just getting by” often depends on small focus innovations that increase margin, open new business opportunities, and add to the top line revenue. Attention to the “small things” are easily seen with the big Korean SPs. Their success has less to do with Read More

0005 - Operational Security Community 2017-09-05

“Getting the Right People on the Bus” Finding Staff with that Internet Spirit

Top Telecom Companies need people who are can ride the wave of change. Long live the Internet. The Internet Model now dominates all of telecommunications. The Internet’s End-to-End Model puts customers first. It is a model that empowers  customers to drive the change in telecommunications. Telecommunications need to convert to “IP thinking” to succeed. They Read More

Cisco Data Meter

Crowd Sourcing as a Tool for Network Tuning

Excellent mobile customer experience is now the #1 factor keeping happy & paying customers. As the network grows in capacity, coverage, and complexity (heterogeneous network = complexity), the cost of constantly tuning the network also increases. The core mobility vendors[1] are putting forward a variety of “customer experience” tools. These tools work as an integral Read More


Using DNS to Protect Your Network and Your Customers

In cased you missed it, Xerocole & Damballa released two press releases on their new partnership: Xerocole’s link: Xerocole Partners with Damballa for Botnet Detection on Carrier Networks Damballa’s link: Damballa Enhances Cyber Threat Protection for Telecommunications and Internet Service Providers The Xerocole-Damballa partnership is another evolution of a security technique where the DNS recursive Read More


RIPE NCC Responds to the Rove Digital/DNS Changer Re-allocations

RIPE has publicly responded to the surprise felt by members of the DCWG and others involved with the Rove Digital/DNS Changer clean up community. The statement on their web page is as follows: 15 Aug 2012 — ripe ncc As reported in previous announcements, the RIPE NCC will go to court in the Netherlands on Read More


Beware! DNS Changer’s IP Blocks are re-allocated and advertised!

As of Friday morning (August 10, 2012), the IP address blocks used by the Rove Digital criminal operations have been re-allocated by RIPE-NCC and advertised to the Internet: http://www.ris.ripe.net/cgi-bin/lg/index.cgi?rrc=RRC001&query=1&arg= http://www.ris.ripe.net/dashboard/ As a reminder, the Rove Digital/DNS Changer Crew used the following IP address blocks for their nefarious activities: From Read More


Huawei’s “Customers” Share Accountability

Huawei responds to the DEFCON presentation ….  “We are aware of the media reports on security vulnerabilities in some small Huawei routers and are verifying these claims. Huawei adopts rigorous security strategies and policies to protect the network security of our customers and abides by industry standards and best practices in security risk and incident Read More


Huawei Vulnerabilities – the Real Risk & what you should do now

The Facts: Two researchers from Recurity Labs – Felix Lindner (also known as “FX”) and Gregor Kopf – presented a talk at DEFCON titled:  Hacking [Redacted] Routers. (see https://www.defcon.org/html/defcon-20/dc-20-speakers.html#FX). Their work examined the Huawei AR18 and AR28 routers. Exploitable vulnerabilities were discovered. Questions to the quality of the code were raised. A general concern in Read More