Do you know if your network is vulnerable to the LockBit 3.0 ransomware crew getting into your network via the NetScaler CVE-2023-4966 vulnerability? Boeing – a company with a powerful cybersecurity team – was penetrated by the LockBit crews using CVE-2023-4966. Is this your Thanksgiving holiday fun? For those subscribed to Shadowserver free Cyber Civil Defence reporting,
Category: Internet
Protecting BGP Sessions – Step-by-Step Guide to Prevent an Easy DDoS
Organizations are not protecting their BGP sessions. Take the time to ask the question: Do we have our BGP ports protected? Are you: If not, work with your peers to deploy an Infrastructure ACL (iACL) to cover all your network devices, deploy specific data plane ACLs on your routers/switches to protect them, work with
Why are the top National Security Teams Yelling for you to Fix your Network?
The top National Security Teams are yelling at you to fix your network. The Joint Advisory is not a simple act of collaboration. The first 12 are highlighted for a reason. We do not know the insider reasons other than that they are ACTIVELY EXPLOITED, with NOT ENOUGH ORGANIZATIONS MITIGATING, which is PUTTING ORGANIZATIONS at RISK.
Cyberwarfare is here; now what?
Cyberwarfare activities were always on the Internet. STUXNET, Google Aurora, and many other attacks were a fact of life. We had cyber attacks when Yugoslavia broke up. We have constant attacks in the Middle East. Cyberwar was part of a security practitioner’s threat model from the late ‘80s until the early 2000s. Then, cybercrime started
Protect your BGP Sessions from DDoS Attacks
Networks that think they are “DDoS resilient” get surprised when their BGP sessions go down from an easily crafted DDoS. The BGP port (179) is left open to the Internet and is an easy target for a low-level attack that will knock down your BGP session. Shodan’s BGP Report shows 325,082 open port 179 instances (June 2023).
Why Are Cybercriminals Targeting Healthcare?
Why are cybercriminals targeting healthcare when the medical community puts patients first? Why are cybercriminals taking actions that put people’s lives at risk? The focused cybercriminal targeting of healthcare is now an increasing cause of death. Is this data suppressed? Why? The liability insurance covering all the healthcare community’s medical care would skyrocket. The closure
Shadowserver Dashboard in Indonesian, Malay, Filipino, Thai & Arabic
Have you seen the Shadowserver Dashboard? Did you know it provides critical information on what people outside your network can see into your network? Did you know that the Dashboard and free reports can save your network …. all you need to do is track down the exposure and fix it (before the criminals use
Beyond “Security Architecture” – It is all about Business Resiliency
“Security Architecture” is the theme Mathew J. Schwartz (ISMG) pulled out of his interview with John Chambers, founder and CEO of JC2 Ventures. It is ironic that on a “life-impacting day,” in pops an interview from one of my mentors, John Chambers. If you are reading this, stop and listen to the interview. Once you’ve
New SLP DDoS amplification can overload your network
Happy Tuesday – It is the RSA conference week. That means we get vendors disclosing vulnerabilities while people are at the conference. Bitsight and Curesec uncovered a Service Location Protocol (SLP) DDoS Amplification that can be as high as 2200:1. That means an open SLP port on your network can … CISA has posted an
Welcome to CyberWar & LongTerm Ramification Unleashed by Russia’s War
Cyberwar is today’s reality. We’ve moved from a world of cyber-criminal threats to an interconnected arena where any malicious activity is feasible. Cyber-Kinetic attacks that destroy, kill, and massively disrupt civil society are part of our new security threat landscape reality. Geography will not help. The massively interconnected Internet means that you are a cyberwarrior’s