Do you have a customer whose printer ports are open and vulnerable and can now be used for DDoS? Is your network’s “Internet Print Protocol” (IPP) port open and ready for exploitation? Last week, the Shadowserver Foundation alerted a “large increase in queries on 631/UDP seen in our sensors due to recent CUPS RCEs disclosure. Read More
Category: ICS (Industrial Control Systems)
Is ASEAN Ready for Serious Cybersecurity?
No, most ASEAN countries are not ready for “serious cybersecurity.” Cybersecurity requires a persistent and consistent rhythm of action that fixes known security risks. Public benefit—non-profit cyber civil defense organizations like the Shadowserver Foundation, CyberGreen, and other organizations deliver actionable cyber-risk reporting as a public benefit. Yes, these reports are free to organizations seeking to Read More
PlugX Infections – Is that You?
The French Government sees the massive number of PlugX infections as a national threat. PlugX is malware used by Nation State threat actors to get inside networks. Sekoia was part of a sinkholing action that uncovered thousands of locations where PlugX is deployed. Should you be concerned? How do you discover if you have a Read More
Industry Anti-DDOS Strategy 2018
Note to the Readers …… Yes, there are communities who consult and curate an anti-DDoS strategy to mitigate the risk to the Internet. Starting ~2000, Operators have consulted on ways to build better resilience into the Internet’s infrastructure. These consultations evolved into informal security strategy plans. By 2012, multiple groups were involved (see http://www.senki.org/2012-a-year-of-cyber-security-optimism/). A Read More
Cyber Smokejumping
Cyber Smokejumping is a decades-old practice of intentionally investing time with peers to help them overcome cyber risk. Our global, massively interconnected Digital Society requires increased cybersecurity capabilities, capacity, habits, and practices spread worldwide. Putting up cyber walls and layers of defense will not help if other parts of the world are getting infected and
Perhaps it is time to admit that the ladder is on the wrong wall
I’m reading Paul Vixie’s Magical Thinking in Internet Security. I 100% agree with everything Paul is pointing out. We’ve had many conversations about these challenges in the past. But I’m now at a point where I’m looking in the mirror and realizing what we’re doing might be the wrong approach. I’m exasperated at the persistent Read More
Optimize Shadowserver’s Value – Checklist
Optimize Shadowserver’s value! Stop the Threat Actors! You are at risk if you get any of the +120 daily reports. Most issues are easily fixed. All these reports share details the threat actor can potentially exploit. Take 15 minutes once a quarter to update your contacts, ASNs, IPs, Domain, APIs, and other details. Quarterly Reviews Read More
Thanksgiving Holiday Fun! Five Eyes Warn of LockBit 3.0 Ransomware!
Do you know if your network is vulnerable to LockBit 3.0 Ransomware crew getting into your network via NetScaler CVE-2023-4966 vulnerability? Boeing – a company with a powerful cybersecurity team – was penetrated by the LockBit crews using CVE-2023-4966. Is this your Thanksgiving holiday fun? For those subscribed to Shadowserver free Cyber Civil Defence reporting, Read More
Why are the top National Security Teams Yelling for you to Fix your Network?
The top National Security Teams are yelling at you to fix your network. The Joint Advisory is not a simple act of collaboration. The first 12 are highlighted for a reason. We do not know the insider reasons other than they are ACTIVELY EXOLIOTED with NOT ENOUGH ORGANIZATIONS MITIGATING that are PUTTING ORGANIZATIONS at RISK. Read More
Cyberwarfare is here; now what?
Cyberwarfare activities were always on the Internet. STUXNET, Google Aurora, and many other attacks were a fact of life. We had cyber attacks when Yugoslavia broke up. We have constant attacks in the Middle East. Cyberwar was part of a security practitioner’s threat model from the late ‘80s until the early 2000s. Then, cybercrime started Read More