Do you want a repeat of Wanacry? Do you want an Internet Impacting Worm in the middle of the COVID-19 Crisis? All organizations can take two steps to minimize the risk of a potential Internet worm. First, they can deploy an access-lists on the edge of their network that block TCP/UDP port 445. This can Read More
Tag: malware
Get Started in the Security Industry
Get started in the Security Industry, What are my first steps? If you are reading this, you are doing the right type of security digging. You are looking for ways to get started in the security industry. You have a desire to dive deep in the security world. Welcome to the world of chaos, Read More
Removing Malware from MACs
Steps by Step Guide to Removing Malware from MACs Removing Malware from MACs is a guide for anyone who has a MAC laptop or desktop. What steps can you take to remove Viruses, Bots, Malware, Unwanted Programs, Plug-ins and Other “unwanted” Software from your MAC OS. These steps also include the precautions for Ransomware. (version
Security Collaboration – How do you start?
We see weekly posts, pontifications announcements, and proclamations about the need for greater security collaboration. Many times, the organizations and groups who are posting these “aspirations” fail to take the collaboration to the next step. They are not sure how to break into productive security collaboration. In the security community, “productive security collaboration” is built Read More
Is it time to build an “SP Anti-DOS Alliance?”
Is it time to build an “SP Anti-DOS Alliance” is the first of several blogs. It will be a brain dump of what collaborative actions have and has not been working within the industry. Last week, I posted a Linkedin update on the Operator’s Security Toolkit. A long term colleague, Eddie Chan, pointed out the Read More
Operator’s Security Toolkit
It is time for a refresh of the SP Security materials used by many over the years. Back in 2002, several people in the emerging “Service Provider Security” field pulled together a list of top practices every Operator should deploy. These “NSP-SEC Top 10” techniques became the foundation of our toolkit that is used daily
The Practical Security Checklist – Part 2.1
This is part “2.1” of a multipart post to help organizations take security action. Stay tuned for next week’s practical security checklist item. Board members, CxOs, and professionals are saturated with security advice. This security advice is often confusing, contradictory, and always biased toward “buying something.” “Good security advice saturation” results in paralysis of action. Read More
RIPE NCC Responds to the Rove Digital/DNS Changer Re-allocations
RIPE has publicly responded to the surprise felt by members of the DCWG and others involved with the Rove Digital/DNS Changer clean up community. The statement on their web page is as follows: 15 Aug 2012 — ripe ncc As reported in previous announcements, the RIPE NCC will go to court in the Netherlands on Read More
Beware! DNS Changer IP Blocks are re-allocated and advertised!
DNS Changer Update As of Friday morning (August 10, 2012), the IP address blocks used by the DNS Changer – Rove Digital criminal operations have been re-allocated by RIPE-NCC and advertised to the Internet: http://www.ris.ripe.net/cgi-bin/lg/index.cgi?rrc=RRC001&query=1&arg=85.255.112.0%2F20 http://www.ris.ripe.net/dashboard/85.255.112.0/20 As a reminder, the Rove Digital/DNS Changer Crew used the following IP address blocks for their nefarious activities: 85.255.112.0/20 Read More
An interesting 0-Day Comparing Anti-Virus Solutions
Comparing Anti-Virus Solutions is something many organizations will (should) do to ensure their security choices sill work. While researching DrWeb’s work on the Flashback.K malware, I stumbled on this chart (see below). It uses data from Shadowserver.org (http://www.shadowserver.org/wiki/pmwiki.php/Stats/VirusDailyStats) to compare malware packages. Interesting POV that is worth watching over time to see if it is Read More