“Security Architecture” is the theme Mathew J. Schwartz (ISMG) pulled out of his interview with John Chambers, founder, and CEO of JC2 Ventures. It is ironic that on a “life-impacting day,” in pop an interview from one of my mentors, John Chambers. If you are reading this, stop and listen to the interview. Once you’ve Read More
New SLP DDoS amplification can overload your network
Happy Tuesday – It is the RSA conference week. That means we get vendors disclosing vulnerabilities while people are at the conference. Bitsight and Curesec uncovered a Service Location Protocol (SLP) DDoS Amplification that can be as high as 2200:1. That means an open SLP port on your network can … CISA has posted an Read More
Birthday Wish – Three Cybersecurity Precautions
Thank you for remembering me on my birthday. I hope the year will be prosperous and loving for all. Some people ask what is my birthday wish. This year I’m going to try something different. I’m going to ask all my friends and family to take a minute and invest to protect themselves to cybersecurity Read More
Loading Spoofer to Fight DDoS
Do you run a network? Do you secure an organization? Do you build applications? Do you want DDoS Attacks to be easy? Of course not! Everyone running, securing, or building something on the Internet does not want it easy to attack that service. We’re asking people to load the Spoofer application to Fight DDoS. Loading Read More
Hybrid Warfare Lessons from Ukraine – Though Provoking
Hybrid warfare is a global reality. The global supply chain means that any war will have cyber-attacks happening everywhere along the supply chain. In this holiday “Security Catchup,” list John Deni facilitates, Vishwa Padigepati, Dr. Sarah J. Lohmann, & Vytautas Butrimas in their report – What Ukraine Taught NATO about Hybrid Warfare. Get a cup Read More
Are your Customers a victim of the Zimbra Exploit?
We have an active Zimbra exploit, in the wild, with espionage and “others” trying to get into +22: vulnerable systems. Everyone using Zimbra Collaboration (ZCS) who has not recently patched is at risk. Volexity Threat Research responsibly disclosed this risk on August 10th, 2022. Zero-Day exploitation was active on the disclosure day. Shadowserver is tracking Read More
Don’t let your Firewalls be STUN DDoS Reflector
Your firewalls can be used as a STUN DDoS reflector to attack others on the Internet. Open UDP firewall ports for STUN (Session Traversal Utilities for NAT) are being exploited for DDoS reflection. Your network is most likely one of those networks. Shadowserver now detects 101k IPv4 and 2.9K IPv6 accessible UDP STUN services. These Read More
Why are you leaving your SNMP ports open to the world?
Too many organizations are ignoring the risk of SNMP abuse and leaving their SNMP ports open to the world. Simple Network Manage Protocol (SNMP) is one of our core networking building blocks. We – the community who build and run networks – use all types of networks. It is a powerful tool for monitoring, managing, Read More
DNS Cache Poison Attacks are Still a Risk
Nozomi Networks find an easier path for DNS Cache Poison Attacks on ICS, CPEs, and other IoT devices. Nozomi Networks disclosed long-term and persistent vulnerability with all versions of uClibc and uClibc-ng (see Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk by Giannis Tsaraias and Andrea Palanca | Read More
You are now part of the Russian-Ukrainian Cyberwar’s “Battlespace”
It is 2022 and you are now part of the Russian-Ukrainian Cyberwar’s “Battlespace.” There is no escaping the “packets” flying through, at, and over your network. If you live on planet Earth, you are now part of the Russian-Ukrainian cyber-battle space. What is a cyber warfare “battlespace?” A “battlespace” is the location of the warfighting. Read More