The cyber civil defence services provided by the Shadowserver Foundation are the most overlooked and critical tool for securing your network. If you are a cybersecurity professional and NOT signed up to Shadowserver, you are missing details that will protect your network from the next attack. If you want a quick introduction to Shadowserver, check Read More
Category: DoD, DDoS, and Denial of Service
Denial of Service Attacks (DoS)
Lithuania provides insight into the broader threats from China
Lithuania warns that China has ramped up espionage & cyber campaigns in this year’s National Threat Assessments. Cybersecurity and Digital Safety specialists benefit from studying and reflecting on other countries’ national threat assessments. The problem is selecting one that best matches the resources and capabilities that are more closely aligned with most of the world. Read More
Perhaps it is time to admit that the ladder is on the wrong wall
I’m reading Paul Vixie’s Magical Thinking in Internet Security. I 100% agree with everything Paul is pointing out. We’ve had many conversations about these challenges in the past. But I’m now at a point where I’m looking in the mirror and realizing what we’re doing might be the wrong approach. I’m exasperated at the persistent Read More
Optimize Shadowserver’s Value – Checklist
Optimize Shadowserver’s value! Stop the Threat Actors! You are at risk if you get any of the +120 daily reports. Most issues are easily fixed. All these reports share details the threat actor can potentially exploit. Take 15 minutes once a quarter to update your contacts, ASNs, IPs, Domain, APIs, and other details. Quarterly Reviews Read More
Protecting BGP Sessions – Step-by-Step Guide to Prevent an Easy DDoS
Organizations are not protecting their BGP session. Take the time to ask the question …. Do we have our BGP ports protected? Are you: If not, work with your peers to deploy an Infrastructure ACL (iACL) to cover all your network devices, deploy specific data plane ACLs on your routers/switches to protect them, work with
Why are the top National Security Teams Yelling for you to Fix your Network?
The top National Security Teams are yelling at you to fix your network. The Joint Advisory is not a simple act of collaboration. The first 12 are highlighted for a reason. We do not know the insider reasons other than they are ACTIVELY EXOLIOTED with NOT ENOUGH ORGANIZATIONS MITIGATING that are PUTTING ORGANIZATIONS at RISK. Read More
CISOs, get your First Sergeant
Behind Every Effective CISO, a First Sergeant is Clearing the Path for the organization’s success. The way we’re setting up our CISO structure is NOT working as expected. The threats keep on coming. Organizations put their fingers in the dike, plugging security risks while exhaustingly bailing water from a sinking boat. This is a no-win Read More
Cyberwarfare is here; now what?
Cyberwarfare activities were always on the Internet. STUXNET, Google Aurora, and many other attacks were a fact of life. We had cyber attacks when Yugoslavia broke up. We have constant attacks in the Middle East. Cyberwar was part of a security practitioner’s threat model from the late ‘80s until the early 2000s. Then, cybercrime started Read More
Protect your BGP Sessions from DDoS Attacks
Networks that think they are “DDoS resilient” get surprised when their BGP Sessions go down from an easily crafted DDoS. BGP port (179) is left open to the Internet and is an easy target for a low-level attack that will knock down your BGP session. Shodan’s BGP Report 325,082 open port 179 instances (June 2023). Read More
New SLP DDoS amplification can overload your network
Happy Tuesday – It is the RSA conference week. That means we get vendors disclosing vulnerabilities while people are at the conference. Bitsight and Curesec uncovered a Service Location Protocol (SLP) DDoS Amplification that can be as high as 2200:1. That means an open SLP port on your network can … CISA has posted an Read More