Hybrid warfare is a global reality. The global supply chain means that any war will have cyber-attacks happening everywhere along the supply chain. In this holiday “Security Catchup,” list John Deni facilitates, Vishwa Padigepati, Dr. Sarah J. Lohmann, & Vytautas Butrimas in their report – What Ukraine Taught NATO about Hybrid Warfare. Get a cup Read More
Category: Cyberwar
Are your Customers a victim of the Zimbra Exploit?
We have an active Zimbra exploit, in the wild, with espionage and “others” trying to get into +22: vulnerable systems. Everyone using Zimbra Collaboration (ZCS) who has not recently patched is at risk. Volexity Threat Research responsibly disclosed this risk on August 10th, 2022. Zero-Day exploitation was active on the disclosure day. Shadowserver is tracking Read More
Why are you leaving your SNMP ports open to the world?
Too many organizations are ignoring the risk of SNMP abuse and leaving their SNMP ports open to the world. Simple Network Manage Protocol (SNMP) is one of our core networking building blocks. We – the community who build and run networks – use all types of networks. It is a powerful tool for monitoring, managing, Read More
DDoS Resiliency Workshop – 2022
Revised, Updated, and Enhance DDoS Resiliency Workshops for Today’s Internet In the late 1990s, several people started teaching ISPs how to protect their networks from attack. These early “DDoS Resiliency Workshops” evolved in a consistent theme and method that eventually curated best common practices for DDoS resiliency. Unfortunately, the threats from attacks to Communications Services
You are now part of the Russian-Ukrainian Cyberwar’s “Battlespace”
It is 2022 and you are now part of the Russian-Ukrainian Cyberwar’s “Battlespace.” There is no escaping the “packets” flying through, at, and over your network. If you live on planet Earth, you are now part of the Russian-Ukrainian cyber-battle space. What is a cyber warfare “battlespace?” A “battlespace” is the location of the warfighting. Read More
1 Yottabyte DDoS Attack – The Biggest DDoS Attack in History!
No, a yottabyte DDoS attack has not happened. Someday we will have a yottabyte DDoS, just not today. Tomorrow we will have another press release on “the largest DDoS attack ever.” Will that be important? No, bragging about the size of DDoS Attacks is a distraction to the realities of the Internet and the real Read More
The History of DDoS and DoS
Version 0.2 History repeats itself. The History History of DDoS and DoS illustrates how an attack vector from 1997 would reappear as “new” in 2007 and “never seen before” in 2017. History of DDoS and DoS is a living document is a tool to document (look for updates). Does not focus on the “biggest” or
US Warns Ransomware Threats during Holidays – Whoops! Too Late
If you are reading about potential ransomware threats during the holidays, just know it is too late. By the time you get a call waking you up on a labor day holiday break, it would be too late to stop the ransomware threat. People forget that ransomware is the monetization network break-in. The THREAT is Read More
BGP Security Workshop – Safeguarding the Internet’s Glue
BGP and DNS are the two critical protocols that glue the entire global network (the Internet). Without them, the Internet falls apart. The security, resiliency, and integrity Border Gateway Protocol (BGP) holds up the routing of packets end-to-end across the Internet. Threats to BGP systems are life-threatening, disrupting critical infrastructure people depend on for their
Executive Security Leadership – It is Not Hard!
Security Leadership is not hard. CxOs stress over the security threats to their business. A lot of that stress is generated by the press. Common sense Executive practices and leadership principles have guided organizations through extreme security-related business pressures. What guides the organization is obvious, clear the path for the team, trust the team, pull