Note to the Readers …… Yes, there are communities who consult and curate an anti-DDoS strategy to mitigate the risk to the Internet. Starting ~2000, Operators have consulted on ways to build better resilience into the Internet’s infrastructure. These consultations evolved into informal security strategy plans. By 2012, multiple groups were involved (see http://www.senki.org/2012-a-year-of-cyber-security-optimism/). A Read More
Category: Scaling
Cyber Smokejumping
Cyber Smokejumping is a decades-old practice of intentionally investing time with peers to help them overcome cyber risk. Our global, massively interconnected Digital Society requires increased cybersecurity capabilities, capacity, habits, and practices spread worldwide. Putting up cyber walls and layers of defense will not help if other parts of the world are getting infected and
YouTube Auto Translation
YouTube’s automatic translation feature is a practical tool for translating the ‘captions’ in a video into various languages. This feature is a reliable companion for your Internet knowledge-seeking journey. In this example, we are using this Shadowserver Foundation empowerment video to capture screenshots: Cyber Civil Defense – Shadowserver Briefing, Optimization, & Updates https://youtu.be/ki0faEv7T28?si=WZLlcwzvtskI0OH5 Step 1
Leveraging Cyber Civil Defence
The cyber civil defence services provided by the Shadowserver Foundation are the most overlooked and critical tool for securing your network. If you are a cybersecurity professional and NOT signed up to Shadowserver, you are missing details that will protect your network from the next attack. If you want a quick introduction to Shadowserver, check Read More
Lithuania provides insight into the broader threats from China
Lithuania warns that China has ramped up espionage & cyber campaigns in this year’s National Threat Assessments. Cybersecurity and Digital Safety specialists benefit from studying and reflecting on other countries’ national threat assessments. The problem is selecting one that best matches the resources and capabilities that are more closely aligned with most of the world. Read More
Perhaps it is time to admit that the ladder is on the wrong wall
I’m reading Paul Vixie’s Magical Thinking in Internet Security. I 100% agree with everything Paul is pointing out. We’ve had many conversations about these challenges in the past. But I’m now at a point where I’m looking in the mirror and realizing what we’re doing might be the wrong approach. I’m exasperated at the persistent Read More
Optimize Shadowserver’s Value – Checklist
Optimize Shadowserver’s value! Stop the Threat Actors! You are at risk if you get any of the +120 daily reports. Most issues are easily fixed. All these reports share details the threat actor can potentially exploit. Take 15 minutes once a quarter to update your contacts, ASNs, IPs, Domain, APIs, and other details. Quarterly Reviews Read More
My Birthday Wish is for you to be Cyber Safe
To all those who pinged me via social media, thank you for remembering me on my birthday. I hope the year will be prosperous, connecting, and loving for all. Some people ask what is my birthday wish. This year (like last year), Digital Safety “self-care” actions. These “self-care actions” will help protect you, your family, Read More
Think first – then Act – Apache Struts CVE-2023-50164
The days when the good guys can take a security break during the December Holidays are over. Plan and expect issues that require teams to come in and mitigate/minimize risk to be the “new normal” for the holidays. This year, researcher Steven Seeley discovered a way to abuse the popular Apache Struts frameworks’ file upload Read More
Thanksgiving Holiday Fun! Five Eyes Warn of LockBit 3.0 Ransomware!
Do you know if your network is vulnerable to LockBit 3.0 Ransomware crew getting into your network via NetScaler CVE-2023-4966 vulnerability? Boeing – a company with a powerful cybersecurity team – was penetrated by the LockBit crews using CVE-2023-4966. Is this your Thanksgiving holiday fun? For those subscribed to Shadowserver free Cyber Civil Defence reporting, Read More