Source Address Validation (SAV) – Techniques & Tools

Source Address Validation (SAV) is one of the most promoted security best practices. We have achieved a wide range of SAV deployment, but we also run into the tedious 20% of the Internet that takes more human-intensive SAV deployment work. This guide is provided to help operators, engineers, policymakers, and executive decision-makers have a “reference

Are your Customers a victim of the Zimbra Exploit?

We have an active Zimbra exploit, in the wild, with espionage and “others” trying to get into +22: vulnerable systems. Everyone using Zimbra Collaboration (ZCS) who has not recently patched is at risk. Volexity Threat Research responsibly disclosed this risk on August 10th, 2022. Zero-Day exploitation was active on the disclosure day. Shadowserver is tracking

Don’t let your Firewalls be STUN DDoS Reflector

Your firewalls can be used as a STUN DDoS reflector to attack others on the Internet. Open UDP firewall ports for STUN (Session Traversal Utilities for NAT) are being exploited for DDoS reflection. Your network is most likely one of those networks. Shadowserver now detects 101k IPv4 and 2.9K IPv6 accessible UDP STUN services. These

Why are you leaving your SNMP ports open to the world?

Too many organizations are ignoring the risk of SNMP abuse and leaving their SNMP ports open to the world. Simple Network Management Protocol (SNMP) is one of our core networking building blocks. We – the community who build and run networks – use all types of networks. It is a powerful tool for monitoring, managing,

DNS Cache Poison Attacks are Still a Risk

Nozomi Networks finds an easier path for DNS Cache Poison Attacks on ICS, CPEs, and other IoT devices. Nozomi Networks disclosed a long-term and persistent vulnerability with all versions of uClibc and uClibc-ng (see Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk by Giannis Tsaraias and Andrea Palanca |

DDoS Resiliency Workshop – 2022

Revised, Updated, and Enhanced DDoS Resiliency Workshops for Today’s Internet. In the late 1990s, several people started teaching ISPs how to protect their networks from attack. These early “DDoS Resiliency Workshops” evolved in a consistent theme and method that eventually curated best common practices for DDoS resiliency. Unfortunately, the threats from attacks to Communications Services

You are now part of the Russian-Ukrainian Cyberwar’s “Battlespace”

It is 2022 and you are now part of the Russian-Ukrainian Cyberwar’s “Battlespace.” There is no escaping the “packets” flying through, at, and over your network. If you live on planet Earth, you are now part of the Russian-Ukrainian cyber-battle space. What is a cyber warfare “battlespace?” A “battlespace” is the location of the warfighting.

Bad Guys are Scanning Your Network!

Bad guys are scanning your network. They are finding all the vulnerabilities exposed to the Internet. The vulnerable systems, critical devices, and other ways to break into your network. When ransomware, malware, botnets, and other break-ins happen, people wonder, “how did the threat actors find that service?” People thought that “if we don’t publish it,

How do Security Experts surf the tidal wave of security news?

Have you ever wondered what security professionals review each day? How do they keep up with the security news? What sources do they use? If you are new to security, what sources should you track? We are overwhelmed with a deluge of cybersecurity news. In essence, we’re surfing cybersecurity news trying to keep up and

History of Denial of Services (DoS) Attacks

Version 0.1. Denial of Service (DoS) Attacks, Incidents, and Events have been with the Internet community since the early days of the ARPANET. They happened on all the early, public networks (FidoNet, BBS networks, BITNET, etc.) and were part of the “mainframe” timeshare culture (where people locked each other out of terminals to get more