Practical Security Guides, References, & Workbooks

Do you feel overwhelmed by the barrage of security white papers, webinars, and guides? Are you parallized trying to figure out what you need to do first to get ready for the next attack? We don’t need more security guides, we need a consolidated landing that pulls in all the advice into one place. We

How To Secure Mikrotik Devices

(Version 1.0) Mikrotik devices are wonderful networking tools. They offer flexibility and cost empowerment to solve networking problems. But, the way we deploy Mikrotiks in the industry is creating multiple security risks. People are not spending the time to secure Mikrotik devices. It cannot be ignored that Mikrotik devices are 2022’s most dangerous malware platform.

IPv4/IPv6 Anti-Spoofing – Source Address Validation (SAV) – Techniques & Tools

IPv4/IPv6 Anti-Spoofing through Source Address Validation (SAV) is one of the most promoted security best practices. We have achieved a wide range of SAV deployment, but we also run into the tedious 20% of the Internet that takes more human-intensive SAV deployment work. This guide is provided to help operators, engineers, policymakers, and executive decision-makers

Are your Customers a victim of the Zimbra Exploit?

We have an active Zimbra exploit, in the wild, with espionage and “others” trying to get into +22: vulnerable systems. Everyone using Zimbra Collaboration (ZCS) who has not recently patched is at risk. Volexity Threat Research responsibly disclosed this risk on August 10th, 2022. Zero-Day exploitation was active on the disclosure day. Shadowserver is tracking Read More

DNS Cache Poison Attacks are Still a Risk

Nozomi Networks find an easier path for DNS Cache Poison Attacks on ICS, CPEs, and other IoT devices. Nozomi Networks disclosed long-term and persistent vulnerability with all versions of uClibc and uClibc-ng (see Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk by Giannis Tsaraias and Andrea Palanca | Read More

DDoS Resiliency Workshop – 2022

Revised, Updated, and Enhance DDoS Resiliency Workshops for Today’s Internet In the late 1990s, several people started teaching ISPs how to protect their networks from attack. These early “DDoS Resiliency Workshops” evolved in a consistent theme and method that eventually curated best common practices for DDoS resiliency. Unfortunately, the threats from attacks to Communications Services

Bad Guys are Scanning Your Network!

Bad guys are scanning your network. They are finding all the vulnerabilities exposed to the Internet. The vulnerable systems, critical devices, and other ways to break into your network. When ransomware, malware, botnets, and other break-ins happen, people wonder, “how did the threat actors find that service?” People thought that “if we don’t publish it, Read More