Insights from the FBI on Fighting Cyber Crime

If your company experienced an IT security breach, would you contact law enforcement? According to an unofficial poll by the FBI and Trend Micro, about 60% of people said yes. I’d venture to guess that a portion of that 60% would only Continue Reading →

Bookmark and Share

SSDP Amplified Attacks, a Sitting Duck against Sophisticated DDoS Analytics

The craftiness of cyber attackers never ceases to amaze me and now a new kid on the block has emerged – the SSDP Reflective/Amplified DDoS attack.   Many people may wonder what SSDP is.  SSDP otherwise known as the Simple Service Discovery Protocol Continue Reading →

Looking for a job? Cyber Aces is hosting another National Cybersecurity Career Fair in November

Last spring I wrote about Cyber Aces hosting its first National Cybersecurity Career Fair (NCCF). (See National Cybersecurity Career Fair in June Will Connect Employers to Entry Level Cybersecurity Workers.)  

Bookmark and Share

Using sFlow for Security Analytics

sFlow (sampled flow) is a scalable protocol for statistical monitoring of a network.  When used for security monitoring, it can provide valuable insight for establishing baseline behavior and identifying deviations from the baseline.  Security administrators can be alerted when an anomaly is Continue Reading →

Software developers get SWAMP’ed, and that’s good for software security assurance

October is National Cyber Security Awareness Month. The theme of this week’s awareness messaging is how to build secure software products, and we’ve got a great tip on how you can do that. If you look at the evolution of software, it Continue Reading →

Shellshock – Picking up the Pieces

4.1 million. That’s the number of news items, blogs, webpages, reports, and opinion articles related to the recently discovered ‘Shellshock’ (Bash) vulnerability that were matched via a quick Google search for ‘Shellshock bash bug’ this morning. There’s no denying that this vulnerability is Continue Reading →