Yes, you can minimize the risk to BGP Hijacks. All enterprises around the world need to have a conversation around BGP Hijacks. We see security news around malware, phishing ransomware, DOS attacks, breaches, and range of other attacks. What we do not see is conversations around BGP Hijacks. A BGP Hijack can happen on one Read More
Seven Critical Security Conversations
Everyone needs to have Seven Critical Security Conversations with their vendors, supply chain partners, and other organizations who help with your security & resiliency posture. The wave of supply chain security conversations that was sparked by the Bloomberg articles has people talking (see The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Read More
Master Class in Internet Networking …. Free
Nick Feamster Provides Operators, Engineers, and Students with the Tools to Understand How the Internet is Glued Together Who is Nick Feamster? Dr. Nick Feamster is known in the Internet Operations community as one of our primary source of great talent, research that pushes the Industry forward, a deep-dive investigation into security issues on the Read More
Hardware & Software Vulnerabilities are Guaranteed
The long years of experience have taught me through experience, hardware & software vulnerabilities are guaranteed. It is not a matter of “if” but when. The sad reality is that most hardware and software vendors are not ready for vulnerabilities when they happen. Their response ranges from “I’m going to take legal suit” against the Read More
Are your customers infected with VPNFilter?
Everyone is talking about VPNFilter, but there is little information to know if my customers, my staff, or my own home is at risk? How do can I get plugged in? Understanding if you are at risk would be helpful to know if you need to drop everything and fix it now, fix it this Read More
7 Habits of Highly Effective Cyber-Criminals
Yes, there are habits of highly effective cyber-criminals use to be successful! We can leverage the knowledge of these habits to better prepare, defend, and attribute attacks. To understand where these habits were first observed, we must go back to the point where the Internet explosion was creating the opportunity for new criminal enterprises. Read More
Three questions every CxO should ask their ISP
Here is a question for all the CxOs. Why, as an accountable CxO, are you not asking your ISPs for the security basics? This week, the industry has yet another reflection amplification Denial of Service Attack vulnerability. memcached on port 11211 UDP & TCP being exploited walks through the details of this week’s attack vector. As seen in Akamai Read More
memcached on port 11211 UDP & TCP being exploited
TLP:WHITE UPDATE: As of 2018-03-17 ( Morning Update), more attack using the memcached reflection vector have been unleashed on the Internet. As shared by Akamai Technologies “memcached-fueled 1.3 Tbps Attacks,” the application factors are “Internet Impacting.” Mitigation and Remediation Efforts are reducing the number of potential memcached reflectors. Please keep up the good work. Operators are asked Read More
Using the DNS Resolver to Protect Networks
Smart organizations use the DNS Resolver to Protect Networks. Here is why … A typical story ….. Imagine walking in to work the first thing in the morning. Your staff comes into the office. They get their coffee, fire up their computer, and check out the morning industry news. Your staff is alert, applies Read More
CLDAP Reflection Attacks are Increasing! Why? Preventable!!!
Yes, CLDAP Reflection Attacks are increasingly used in DOS attacks! Everyone was warned! We have lots of data which illustrated how CLDAP is being used for reflection DOS attacks. Now we have the news from Netlab 360 that CLDAP is now the #3 protocol used for DOS reflection attacks – CLDAP is Now the No.3 Read More