FAQ – Which Shadowserver Reports list CVEs? Many people frequently ask how Shadowserver includes CVEs (Common Vulnerabilities and Exposures) in its reports. Currently, there are over 140 reports published, with more on the way. The Shadowserver Alliance is active, working together to support the Shadowserver initiative and develop new report types. It’s a logical question Read More
Tag: cybersecurity
Thank you for knocking on my LinkedIn door …
Thank you for the warm invitation to connect via LinkedIn! You are now following my profile. This will benefit anyone interested in the growth of the Internet, the resiliency of our infrastructure, and our digital safety. You’re welcome to follow me on my other social channels. That will allow you access to all my security,
Is ASEAN Ready for Serious Cybersecurity?
No, most ASEAN countries are not ready for “serious cybersecurity.” Cybersecurity requires a persistent and consistent rhythm of action that fixes known security risks. Public benefit—non-profit cyber civil defense organizations like the Shadowserver Foundation, CyberGreen, and other organizations deliver actionable cyber-risk reporting as a public benefit. Yes, these reports are free to organizations seeking to Read More
Perhaps it is time to admit that the ladder is on the wrong wall
I’m reading Paul Vixie’s Magical Thinking in Internet Security. I 100% agree with everything Paul is pointing out. We’ve had many conversations about these challenges in the past. But I’m now at a point where I’m looking in the mirror and realizing what we’re doing might be the wrong approach. I’m exasperated at the persistent Read More
Cyberwarfare is here; now what?
Cyberwarfare activities were always on the Internet. STUXNET, Google Aurora, and many other attacks were a fact of life. We had cyber attacks when Yugoslavia broke up. We have constant attacks in the Middle East. Cyberwar was part of a security practitioner’s threat model from the late ‘80s until the early 2000s. Then, cybercrime started Read More
Hybrid Warfare Lessons from Ukraine – Though Provoking
Hybrid warfare is a global reality. The global supply chain means that any war will have cyber-attacks happening everywhere along the supply chain. In this holiday “Security Catchup,” list John Deni facilitates, Vishwa Padigepati, Dr. Sarah J. Lohmann, & Vytautas Butrimas in their report – What Ukraine Taught NATO about Hybrid Warfare. Get a cup Read More
Why is an “APRICOT” critical to Asia/Pacific Internet Operations?
There is one conference where Asia & Pacific Critical people resources meet to maintain the operational relationships critical to the success of the Internet. Are you going to Asia Pacific Regional Internet Conference on Operational Technologies (APRICOT)? People glue together the Internet and Telecom. People who meet, collaborate, and work with each other to keep Read More
Get Started in the Security Industry
Get started in the Security Industry, What are my first steps? If you are reading this, you are doing the right type of security digging. You are looking for ways to get started in the security industry. You have a desire to dive deep in the security world. Welcome to the world of chaos, Read More
Seven Critical Security Conversations
Everyone needs to have Seven Critical Security Conversations with their vendors, supply chain partners, and other organizations who help with your security & resiliency posture. The wave of supply chain security conversations that was sparked by the Bloomberg articles has people talking (see The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Read More
The “Cyberwar” Dialog can be easily polluted …..
Watching discussions about cyberwar is a humorous diversion in the day. Take this New York Times article, “Halted ’03 Iraq Plan Illustrates U.S. Fear of Cyberwar Risk.” It starts interesting, talking about a battle plan that was considered as a lead into the 2003 attack on Iraq. Good News! War planning is good. Evaluating collateral Read More