All networks need to be worried about threats from state sponsored threat actors. But first, make sure your architecture is digitally safe, your processes assume "zero vendor trust," you expect threat actors to get inside, and you have the operational tools to battle active threats. "Blame the Vendor" is a distraction. Find vendors who work with you, not against you. There are vendors in the US are work hard to not collaborate to safeguard their equipment.

"Blame the Vendor" Distractions

Beware of “blame the vendor” distractions.  https://bsky.app/profile/rgblights.bsky.social/post/3ltshf3lvc22e Rob Joyce posted this on his BlueSky account as a response to Alexander Martin’s article, “Spain awards Huawei contracts to manage intelligence agency wiretaps.” Both Rob and Alex are exasperating “blame the vendor” fears when the real problem is more systemic, with nothing to do with…

Threat Researchers find critical vulnerabilities that the worlds needs to know, mitigate, and resolve. Collaborate and leverage the Shadowserver Foundation's infrastructure and community to get the word out to thousands ... all through a trusted non-profit cybersecurity organization focused on a safer Internet.

Yes, Publish Your Threat Model!

“Publish your threat model. Yes, really.” Adam Shostack proposed an idea that will make most cybersecurity professionals and organizations very uncomfortable. It is worth reading through the comments of Adam’s post.What do I think? I’m in total agreement and will change my practice to publish my threat models, help my customers publish theirs, and understand the reason why this will become…

You missed it! Threat Actors simple paths into your network.

On December 3rd, 2024, six cybersecurity organizations published Enhanced Visibility and Hardening Guidance for Communications Infrastructure, detailing simple paths threat actors use to penetrate networks. Most people I talk to say, “This is nothing new.” “We’ve heard it all before.” “These are all Best Common Practices (BCPs); everyone should have deployed them already!” Do not ignore these…

View On WordPress

Using your Printer Ports to Attack?

Do you have a customer whose printer ports are open and vulnerable and can now be used for DDoS? Is your network’s “Internet Print Protocol” (IPP) port open and ready for exploitation? Last week, the Shadowserver Foundation alerted a “large increase in queries on 631/UDP seen in our sensors due to recent CUPS RCEs disclosure. These include callback attempts.” This was part of a community effort…

Is ASEAN Ready for Serious Cybersecurity?

No, most ASEAN countries are not ready for “serious cybersecurity.” Cybersecurity requires a persistent and consistent rhythm of action that fixes known security risks. Public benefit—non-profit cyber civil defense organizations like the Shadowserver Foundation, CyberGreen, and other organizations deliver actionable cyber-risk reporting as a public benefit. Yes, these reports are free to…

Add the rising cost of cyber insurance to...

The rising cost of #healthcare cyber insurance is based on the severity, frequency, and cost of attacks. Learn what your organization can do about it. #cybersecurity

Add the rising cost of cyber insurance to...

The rising cost of healthcare cyber insurance is based on the severity, frequency, and cost of attacks. Learn what your organization can do about it.

Akamai Dynamic Signal

Add the rising cost of cyber insurance to...

The rising cost of #healthcare cyber insurance is based on the severity, frequency, and cost of attacks. Learn what your organization can do about it. #cybersecurity

Add the rising cost of cyber insurance to...

The rising cost of healthcare cyber insurance is based on the severity, frequency, and cost of attacks. Learn what your organization can do about it.

Akamai Dynamic Signal

At RSA, Akamai put focus on fake sites, API...

Get the inside scoop on our latest SOTI, Brand Protector, and our Neosec acquisition! Rupesh Chokshi sat down with Tech Republic at RSA to give the lowdown. #cybersecurity #RSAC

At RSA, Akamai put focus on fake sites, API...

Get the inside scoop on our latest SOTI, Brand Protector, and our Neosec acquisition! Akamai's Rupesh Chokshi sat down with Tech Republic at RSA to give the lowdown.

Akamai Dynamic Signal

Delivering frictionless and secure online...

Explore how Tokopedia delivers optimal online experiences to 90+ million monthly active users with strong web performance, and app and API security. #cybersecurity

Delivering frictionless and secure online...

Explore how Tokopedia delivers optimal online experiences to 90+ million monthly active users with strong web performance, and app and API security.

Akamai Dynamic Signal

Akamai Takes Flight at #RSAC 2023: Thanks for...

We came, we saw, we conquered #RSAC! Akamai shared the future of security from our CSO, discussed the latest in web app and API attacks, and soared to new heights. Check #RSAC 2023 here. #cybersecurity

Akamai Takes Flight at #RSAC 2023: Thanks for...

We came, we saw, we conquered #RSAC! Akamai shared the future of security from our CSO, discussed the latest in web app and API attacks, and soared to new heights. Check #RSAC 2023 here:

Akamai Dynamic Signal

Video: Secure Cloud Migration with Zero Trust

See how implementing a #ZeroTrust security model can improve the security of your #cloud migration initiatives.

Video: Secure Cloud Migration with Zero Trust

See how implementing a Zero Trust security model can improve the security of your cloud migration initiatives.

Akamai Dynamic Signal

Pro-Kremlin hacktivism in Russia mostly fake

More than 90% of cyberattacks targeting Ukraine are either conducted by special services or by state-sponsored groups. More than 90% of cyberattacks targeting Ukraine are either conducted by special services or by state-sponsored groups. The threat is real and more dangerous. Learn more. #cybersecurity

Pro-Kremlin hacktivism in Russia mostly fake

More than 90% of cyberattacks targeting Ukraine are either conducted by special services or by state-sponsored groups. Learn more:

Akamai Dynamic Signal

Protect Against Ransomware Attacks with Zero...

Learn about the security advantages that implementing a Zero Trust cybersecurity model can present in defending against ransomware.

Protect Against Ransomware Attacks with Zero...

Learn about the security advantages that implementing a Zero Trust cybersecurity model can present in defending against ransomware.

Akamai Dynamic Signal

Safeguarding Your Domain Reputation: Prevent...

Domain shadowing is a malicious technique cyber criminals use to mimic legitimate domains and trick victims into believing they are interacting with a trusted website. Security Teams need to know about this common threat vector. Anurag Anuj explains:

Safeguarding Your Domain Reputation: Prevent...

Discover the world of passive DNS and how it helps in detecting attacks like domain shadowing from Akamai's Anurag Anuj:

Akamai Dynamic Signal

Hear from Roger Barranco, VP, Global Security...

Ever wonder what it is like in a SOCC experiencing multiple simultaneous attacks, hitting multiple customers, 7x24? Roger Barranco will share Akamai's SOCC experiences at Tech Day: Amsterdam. Save your seat. @Akamai #cybersecurity #TechDay

Hear from Roger Barranco, VP, Global Security...

On the principles of security operations cyber-attack management at our Tech Day: Amsterdam. Save your seat. #TechDay

Akamai Dynamic Signal