Tag: vulnerabilities

Open SMTP (Email) Servers on Your Network

Open SMTP (Email) Servers on Your Network

Posted on

Do you know if you have open SMTP servers on your network? In May, Qualys released 21 vulnerabilities to Exim (see Qualys Security Advisory 21Nails: Multiple vulnerabilities in Exim). Exim is a popular Mail Transfer Agent (MTA) available on Unix operating systems and comes pre-installed on Linux distributions. The easy access and wide SMTP/Exim MTAs use Read More

Seven Critical Security Conversations

Seven Critical Security Conversations

Posted on

Everyone needs to have Seven Critical Security Conversations with their vendors, supply chain partners, and other organizations who help with your security & resiliency posture. The wave of supply chain security conversations that was sparked by the Bloomberg articles has people talking (see The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Read More

Filtering Exploitable Ports and Minimizing Risk from the Internet and from Your Customers

Filtering Exploitable Ports and Minimizing Risk from the Internet and from Your Customers

Barry Greene @ bgreene@senki.or Version 1.3 TLP: CLEAR  What are you doing to prepare for the next “scanning malware” and “Internet Worm?” Recommendation: Operators (CSPs, ISPs, Cloud Companies, and Hosting Companies) are strongly encouraged to deploy Port Filtering on the known Exploitable ports and Source Address Validation (SAV) on their customer edge of the network

Weekend Read - Lessons from Heartbleed

Weekend Read – Lessons from Heartbleed

Posted on

Every vulnerability is a security lesson that will either be repeated or used to improve the organization. Lessons from Heartbleed is no different.  IMHO “The Matter of Heartbleed” is a mandatory paper for all security professionals! It points out the dynamics of a critical Internet vulnerability and how organizations respond. As a minimum, read the Read More