(Last Updated On: January 3, 2023) Do you run a network? Do you secure an organization? Do you build applications? Do you want DDoS Attacks to be easy? Of course not! Everyone running, securing, or building something on the Internet does not want it easy to attack that service. We’re…

(Last Updated On: August 13, 2022) Your firewalls can be used as a STUN DDoS reflector to attack others on the Internet. Open UDP firewall ports for STUN (Session Traversal Utilities for NAT) are being exploited for DDoS reflection. Your network is most likely one of those networks. Shadowserver now…

(Last Updated On: May 9, 2022) Nozomi Networks find an easier path for DNS Cache Poison Attacks on ICS, CPEs, and other IoT devices. Nozomi Networks disclosed long-term and persistent vulnerability with all versions of uClibc and uClibc-ng (see Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk by Giannis Tsaraias and Andrea Palanca | May 2, 2022). …

(Last Updated On: November 25, 2021) Bad guys are scanning your network. They are finding all the vulnerabilities exposed to the Internet. The vulnerable systems, critical devices, and other ways to break into your network. When ransomware, malware, botnets, and other break-ins happen, people wonder, “how did the threat actors…

(Last Updated On: November 20, 2021) Have you ever wondered what security professionals review each day? How do they keep up with the security news? What sources do they use? If you are new to security, what sources shall you track? We are overwhelmed with a deluge of cybersecurity news…

(Last Updated On: September 5, 2021) “What do you mean the backups don’t work? I thought you said backups would save us from a Ransomware incident?” Good backups are the #1 recommendation you will see in all “Ransomware Defence” guides. We have a problem in the industry. These “ransomware guides”…

(Last Updated On: September 1, 2021) It is frustrating when “Security” is always an afterthought in the C-suite. “Why is the C-Suite always de-prioritizing security?” Even with all the cyber-criminal threats, people find that the C-suite is constantly putting the cost to mitigate that threat on the backburner. It is…

(Last Updated On: June 8, 2021) Do you know if you have open SMTP servers on your network? In May, Qualys released 21 vulnerabilities to Exim (see Qualys Security Advisory 21Nails: Multiple vulnerabilities in Exim). Exim is a popular Mail Transfer Agent (MTA) available on Unix operating systems and comes…

Using DDoS Extortionist’s Behaviors as a tool to defend your organization. Smart and prepared organizations use DDoS Extortionist’s Behaviors as a Defensive Tool. We have a long history of DDoS Extortionists. In the early 2000s, we had DDoS Extortionists who would threaten “gambling sites” with a DDoS Attack 30 minutes…