Collaborate Disseminate
Last year I wrote about the Digital Security Exchange. The project is live: The DSX works to strengthen the digital resilience of U.S. civil society groups by improving their understanding and mitigation of online threats. We do this by pairing civil society and social sector organizations with credible and trustworthy digital security experts and trainers who can help them keep… Continue reading The Digital Security Exchange Is Live
We all know what a great year distributed denial-of-service (DDoS) attacks had in 2016. In the last four months, the web registered two significant DDoS campaigns. The first targeted Brian Krebs at a peak size of 620 Gbps. The second struck Dyn and, in… Continue reading 5 Notable DDoS Attacks of 2017
With the release of the new 2017 Edition of the OWASP Top 10, we wanted to give a quick rundown of how BIG-IP ASM can mitigate these vulnerabilities. First, here’s how the 2013 edition compares to 2017. And how BIG-IP ASM mitigates the vulnerabil… Continue reading The OWASP Top 10 – 2017 vs. BIG-IP ASM
Today, let’s look at a couple ways to mitigate an application DDoS attack with BIG-IP ASM. We’ve logged into a BIG-IP ASM and navigated to Security>DDoS Protection>DDoS Profiles. In the General Settings of Application Security,… Continue reading Mitigate L7 DDoS with BIG-IP ASM
There is an unpatchable vulnerability that affects most modern cars. It’s buried in the Controller Area Network (CAN): Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable. Patching the issue means changing how the CAN standard works… Continue reading Unfixable Automobile Computer Security Vulnerability
Vancouver, Halifax, and Tuktoyaktuk are on the front lines. Continue reading Sea Level Rise Will Completely Reshape Canada by 2100
Researchers discover a clever attack that bypasses the address space layout randomization (ALSR) on Intel’s CPUs. Here’s the paper. It discusses several possible mitigation techniques…. Continue reading Bypassing Intel’s ASLR
SWIFT’s chief information security officer said Wednesday that the cooperative is still seeing cases in which its customers’ environments have been compromised. Continue reading SWIFT Confirms Banks Still Being Targeted, Announces Mitigation Tool
Google determined that Safe Browsing warnings correlate with quicker remediation times, though not as quick as direct contact with webmasters who have registered with Google Search Console. Continue reading Google Alerts, Direct Webmaster Communication Get Bugs Fixed Quickly