The Architectural Evolution of Protective DNS: From Academic Prototyping to Global Security Standard
The historical trajectory of the Domain Name System (DNS) has transitioned from a rudimentary directory service into the fundamental control plane of modern internet security. This transformation was neither accidental nor purely market-driven; it was the result of a protracted conflict between Read More
Meaningful Security Conversations with Your Vendors: The 2026 Q1 Guide to Digital Safety & Resilience
Executive Summary: The Imperative for a New Dialogue
In the contemporary operational environment, defined by industrialized cyber warfare and systemic supply chain compromises—exemplified by the Salt Typhoon and Volt Typhoon campaigns—the evaluation of network vendors has shifted from a procurement checklist to a strategic imperative. Organizations can no longer rely solely on perimeter defenses; they Read More
FAQ – Which Shadowserver Reports list CVEs
FAQ – Which Shadowserver Reports list CVEs? Many people frequently ask how Shadowserver includes CVEs (Common Vulnerabilities and Exposures) in its reports. Currently, there are over 140 reports published, with more on the way. The Shadowserver Alliance is active, working together to support the Shadowserver initiative and develop new report types. It’s a logical question to ask. The wonders of today make it soooo easy to find answers. You don’t need to ask gurus to kick-start your journey…. Read More
US ISP CPE SUPPLY CHAIN
Who Makes What, and Where with the US ISP CPE Supply Chain
Version 2.0 | March 24, 2026 | senki.org | bgreene@senki.org
This research tool was curated from detailed questions by a 40+ year Internet engineer, large network architect, and cybersecurity specialist. The questions were used to build out logic flows in multiple LLMs to gather insights Read More
How do you get 29 organizations to collaborate to disrupt multiple threat actors’ operational infrastructure?
How do you get 29 organizations to collaborate to disrupt multiple threat actors’ operational infrastructure? (see the list below) What is not stated is that this group is the known TLP: RED group. There is a larger TLP: AMBER community of supporting individuals and organizations. These groups all exist and will continue to put pressure Read More
BEC’s Payroll Diversion Fraud Investigation Report: Operational Modalities, Threat Actor Investigation, and Defensive Architectures
1. Executive Summary
The global financial cybercrime landscape has undergone a paradigmatic shift, evolving from indiscriminate, high-volume phishing campaigns to highly targeted, psychologically manipulative operations that exploit the structural seams of corporate finance. Among these threats, Payroll Diversion Fraud—the unauthorized redirection of employee salary disbursements to fraudulent accounts—has metastasized into a premier vector for both Read More
CVE-2025-40778: Uncovering the Real DNS Vulnerability Risks
The DNS Cache Poison vulnerability (CVE-2025-40778) opens a huge exploitation range from INSIDE the network. This is NOT a “Kaminsky” attack – it is much worse – two crafted packets from an architected attack. Read More
“Blame the Vendor” Distractions
Beware of “blame the vendor” distractions. https://bsky.app/profile/rgblights.bsky.social/post/3ltshf3lvc22e Rob Joyce posted this on his BlueSky account as a response to Alexander Martin’s article, “Spain awards Huawei contracts to manage intelligence agency wiretaps.” Both Rob and Alex are exacerbating “blame the vendor” fears when the real problem is more systemic, with nothing to do with which world Read More
Threat Researchers Leveraging the Shadowserver Foundation’s Infrastructure
Most cybersecurity threat researchers are missing out on ways to leverage the Shadowserver Foundation’s Infrastructure. Patrick Garrity highlights an aspect of this in his post about the collaboration to identify additional CVEs. If you are a threat researcher, consider accelerating the process Patrick is highlighting. If you are a threat researcher, don’t sit on your discovery Read More