1 Yottabyte DDoS Attack – The Biggest DDoS Attack in History!

No, a yottabyte DDoS attack has not happened. Someday we will have a yottabyte DDoS, just not today. Tomorrow we will have another press release on “the largest DDoS attack ever.” Will that be important? No, bragging about the size of DDoS Attacks is a distraction to the realities of the Internet and the real Read More

“Backups” will not save you from a Ransomware Incident

“What do you mean the backups don’t work? I thought you said backups would save us from a Ransomware incident?” Good backups are the #1 recommendation you will see in all “Ransomware Defence” guides. We have a problem in the industry. These “ransomware guides” are written by people who have never lived through a major Read More

US Warns Ransomware Threats during Holidays – Whoops! Too Late

If you are reading about potential ransomware threats during the holidays, just know it is too late. By the time you get a call waking you up on a labor day holiday break, it would be too late to stop the ransomware threat. People forget that ransomware is the monetization network break-in. The THREAT is Read More

“Security” is always an afterthought in the C-suite

Get around “security is an afterthought” by rethinking security as part of the business resiliency architecture. Read More

Open SMTP (Email) Servers on Your Network

Do you know if you have open SMTP servers on your network? In May, Qualys released 21 vulnerabilities to Exim (see Qualys Security Advisory 21Nails: Multiple vulnerabilities in Exim). Exim is a popular Mail Transfer Agent (MTA) available on Unix operating systems and comes pre-installed on Linux distributions. The easy access and wide SMTP/Exim MTAs use Read More

Protect Your Network from an Internet Worm during COVID-19

Do you want a repeat of Wanacry? Do you want an Internet Impacting Worm in the middle of the COVID-19 Crisis? All organizations can take two steps to minimize the risk of a potential Internet worm. First, they can deploy an access-lists on the edge of their network that block TCP/UDP port 445. This can Read More

Get Started in the Security Industry

  Get started in the Security Industry, What are my first steps? If you are reading this, you are doing the right type of security digging. You are looking for ways to get started in the security industry. You have a desire to dive deep in the security world. Welcome to the world of chaos, Read More

Flagging Mail Messages in the new iPadOS

Flagging Mail Messages in the new iPadOS turned into one of those “WTF” moments in my first iPadOS experience. Yes, sometimes the process of improvement can create unexpected frustrations. Here, Apple could have done a better job letting people know of a change that required “habits” to shift in order to gain new functionality.   Read More

Breakthrough IOT Security to Secure Smart Cities

The Global Cyber Alliance (GCA) announced their latest IOT Security tool. Automated IoT Defence Ecosystem (AIDE) is a platform built for IOT vendors and researchers. IOT is powerful capability that will be developed by innovators all over the world. The 25 billion by 2021 is a drastic underestimate. The IOT security threat is also underestimated. Read More

What Stops a Nation-State BGP Hijack?

Can Nation-State BGP Hijack Parts of the Internet? Yes, a Nation-State BGP Hijack is a threat on the Internet. Nation-States can orchestrate the manipulation of the Border Gateway Protocol (BGP) via “hacked routers all over the world. These routers would then be used to inject bad, misconfigured, or non-authorized routes all over the world. The result Read More