FAQ – Which Shadowserver Reports list CVEs
FAQ – Which Shadowserver Reports list CVEs? Many people frequently ask how Shadowserver includes CVEs (Common Vulnerabilities and Exposures) in its reports. Currently, there are over 140 reports published, with more on the way. The Shadowserver Alliance is active, working together to support the Shadowserver initiative and develop new report types. It’s a logical question to ask. The wonders of today make it soooo easy to find answers. You don’t need to ask gurus to kick-start your journey…. Read More
US ISP CPE SUPPLY CHAIN
Who Makes What, and Where with the US ISP CPE Supply Chain Version 2.0 | March 24, 2026 | senki.org | bgreene@senki.org This research tool was curated from detailed questions by a 40+ year Internet engineer, large network architect, and cybersecurity specialist. The questions were used to build out logic flows in multiple LLMs to gather insights Read More
How do you get 29 organizations to collaborate to disrupt multiple threat actors’ operational infrastructure?
How do you get 29 organizations to collaborate to disrupt multiple threat actors’ operational infrastructure? (see the list below) What is not stated is that this group is the known TLP:RED group. There is a larger TLP:AMBER community of supporting individuals and organizations. These groups all exist and will continue to put pressure Read More
BEC’s Payroll Diversion Fraud Investigation Report: Operational Modalities, Threat Actor Investigation, and Defensive Architectures
1. Executive Summary The global financial cybercrime landscape has undergone a paradigmatic shift, evolving from indiscriminate, high-volume phishing campaigns to highly targeted, psychologically manipulative operations that exploit the structural seams of corporate finance. Among these threats, Payroll Diversion Fraud—the unauthorized redirection of employee salary disbursements to fraudulent accounts—has metastasized into a premier vector for both Read More
CVE-2025-40778: Uncovering the Real DNS Vulnerability Risks
The DNS Cache Poison vulnerability (CVE-2025-40778) opens a huge exploitation range from INSIDE the network. This is NOT a “Kaminsky” attack – it is much worse – two crafted packets from an architected attack. Read More
“Blame the Vendor” Distractions
Beware of “blame the vendor” distractions. https://bsky.app/profile/rgblights.bsky.social/post/3ltshf3lvc22e Rob Joyce posted this on his BlueSky account as a response to Alexander Martin’s article, “Spain awards Huawei contracts to manage intelligence agency wiretaps.” Both Rob and Alex are exacerbating “blame the vendor” fears when the real problem is more systemic, with nothing to do with which world Read More
Threat Researchers Leveraging the Shadowserver Foundation’s Infrastructure
Most cybersecurity threat researchers are missing out on ways to leverage the Shadowserver Foundation’s Infrastructure. Patrick Garrity highlights an aspect of this in his post about the collaboration to identify additional CVEs. If you are a threat researcher, consider accelerating the process Patrick is highlighting. If you are a threat researcher, don’t sit on your discovery Read More
Yes, Publish Your Threat Model!
“Publish your threat model. Yes, really.” Adam Shostack proposed an idea that will make most cybersecurity professionals and organizations very uncomfortable. It is worth reading through the comments of Adam’s post. What do I think? I’m in total agreement and will change my practice to publish my threat models, help my customers publish theirs, and Read More
You missed it! Threat Actors’ simple paths into your network.
On December 3rd, 2024, six cybersecurity organizations published Enhanced Visibility and Hardening Guidance for Communications Infrastructure, detailing simple paths threat actors use to penetrate networks. Most people I talk to say, “This is nothing new.” “We’ve heard it all before.” “These are all Best Common Practices (BCPs); everyone should have deployed them already!” Do not Read More