Category Archives: Network Security

What’s Needed Now: Supply Chain Integrity Testing

Listen up, all you security experts who want to be an entrepreneur! John Pescatore, the SANS Institute Director of Emerging Security Trends, sees an opportunity for the Next Big Thing in tech security. In Pescatore’s view, there’s a growing need for supply chain integrity testing. In the wake of all the digital spying revelations let loose by the Edward Snowden … Read more

Posted in Governance, Risk and Compliance, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , | Leave a comment

Attack of the Month Video Blog Series: Network Layer Attacks In ICS

In the world of Industrial Control Systems (ICS)  system outage or infiltration can result in system downtime, loss of productivity and loss of revenue, as well as loss of confidentiality, integrity and availability. Additionally, system outage or infiltration could possibly result in loss of life often due to the critical nature of these devices. Together, lack of access to critical … Read more

Posted in Data Protection, DDoS, Governance, Risk and Compliance, Network Security, Security Management, Uncategorized | Tagged , , , , , | Leave a comment

New DDoS Warning Issued – Banking Industry Beware

The Federal Financial Institutions Examination Council (FFIEC), today released advisory statements warning Financial Institutions of risks associated with cyber-attacks on ATM’s, credit card authorization systems and the continued DDoS attacks against public-facing websites. It is encouraging to see continued awareness and general guidance coming from a credited authority on cyber threat protection.  This advisory statement brings reinforcement to guidelines outlined … Read more

Posted in Data Protection, DDoS, Governance, Risk and Compliance, Network Security, Uncategorized | Tagged , , , , , | Leave a comment

Cybersecurity Professionals Are in Big Demand as Staffing Shortages Hit Critical Levels

In a previous blog post I talked about the upcoming National Cybersecurity Career Fair (NCCF) this June 18 and 19, 2014. NCCF is an innovative virtual meeting place for the top cybersecurity employers and entry to mid level cybersecurity jobseekers in the United States. It turns out that this job fair is desperately needed by employers in practically every industry, … Read more

Posted in Governance, Risk and Compliance, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , | Leave a comment

DDoS Attacks – A Mainstream Occurrence and Disruption to Your Business

Corero recently partnered with John Pescatore, Director of Emerging Security Trends with the SANS Institute in developing a survey program designed to shed more light on organizations’ experiences with DDoS attacks. What we uncovered does not come as a surprise to those well entrenched in the DDoS defense space. The results continue reinforce the need for businesses to build and execute … Read more

Posted in Application Security, DDoS, Network Security, Security Threats | Tagged , , | Leave a comment

National Cybersecurity Career Fair in June Will Connect Employers to Entry Level Cybersecurity Workers

Do you know anyone who is an aspiring cyber security professional? Here is some important information to pass along to help them get their career started. This is also big news if your organization is looking to recruit entry-level people for IT security positions. Coming up this June 18 and 19, 2014, Cyber Aces is presenting the first National Cybersecurity … Read more

Posted in Application Security, Cloud Security, Data Protection, Governance, Risk and Compliance, Mobile Security, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , | Leave a comment

NTP Amplification DDoS Attacks Are Skyrocketing. Do You Have Your Defense System in Place?

In his recent “Attack of the Month Video Blog Series,” Stephen Gates talks about NTP reflective traffic as the latest technique being used to launch DDoS attacks against hapless victims. This is certainly something to pay attention to. Since the beginning of 2014, the number of attacks using this method has skyrocketed, largely because there is a new NTP reflection/amplification … Read more

Posted in Network Security, Security Management, Security Threats, Uncategorized | Tagged , , , , | Leave a comment

Vulnerable WordPress Servers, A Real Cause for Concern

Attacks against, and attacks used to manipulate WordPress servers have been seeing more of their fair share of publicity over the last several months.  As we dig a little deeper into the two attack scenarios, a few key points come to light. In the spring of 2013 many WordPress servers located in both Hosting Centers and DMZs throughout the world … Read more

Posted in DDoS, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , , | Leave a comment

Attack of the Month Video Blog Series: NTP Reflective Attacks

NTP or Network Time Protocol attacks have been taking center stage as of late. What’s interesting here is that the move to exploit UDP based protocol suggests that we (the good guys) are raising the security bar and thus making it more difficult to successfully exploit DNS amplification attacks. NTP is another critical Internet service and one that doesn’t usually … Read more

Posted in Network Security, Security Management, Security Threats | Tagged , , , , | Leave a comment

Business Lessons from the DDoS Attacks on Social Networking Site Meetup

In early March, the social networking site Meetup was hit by a series of DDoS attacks. The attacks did some damage, not the least of which was knocking the site offline for hours at a time over a period of several days. However, I have to say that it appears that the Meetup management and technical team did a few … Read more

Posted in DDoS, Network Security, Security Management, Security Threats, Uncategorized | Tagged , , , , | Leave a comment