In 2011, the Office of Management and Budget (OMB) released the Federal Cloud Computing Strategy, also known as “Cloud First.” The purpose of Cloud First was to mandate the Federal Government’s transition to the cloud, which would facilitate the modernization…
APIs and IaC – Two New AppSec Imperatives for Development and Security Teams
Application vulnerabilities are among the largest, most exploited vulnerabilities that hackers use to compromise and breach organizations. With applications becoming more prevalent and relied upon, the need to focus on application security becomes absolutely essential. But what many people don’t…
When breaking records goes bad – Threat Intelligence Report shows unprecedented uptick in DDoS attacks
With the 2020 Summer Olympic Games in Tokyo postponed because of the ongoing COVID-19 pandemic, people around the globe lost out on the opportunity to see records broken in amazing, athletic displays of human potential, drive, and spirit. But while…
The Plex DDoS Attack – Isolated Incident or Part of a Larger DDoS Trend?
In our last article on the GovCyberHub, we featured the first part of our two-part Q&A series with Roland Dobbins, a Principal Engineer on NETSCOUT’s ASERT Team who is Netscout’s foremost DDoS subject-matter expert and is one of the top…
Anatomy of a DDoS Attack – the Plex Media Server Reflection/Amplification Attacks
Earlier this year, NETSCOUT announced that it had identified a new attack vector that was being leveraged to launch DDoS attacks across the public Internet. The vector was a protocol incorporated into the Plex Media Server (Plex) application that –…
Security Considerations Drive Air Force to Get Agile
Software and applications have taken on an outsized role in today’s government – helping agencies and military organizations more effectively and efficiently accomplish their missions and service constituents. But to keep pace with innovation, stay ahead of adversaries and keep…
Not an isolated incident – attacks against critical infrastructure are not going away
Earlier this year, a downright chilling cyberattack against our nation’s critical infrastructure was exposed and reported in Oldsmar, Florida, a town of fewer than 14,000 people just outside of Tampa. The attack was targeted against a local water treatment facility…
Security as Code — a faster, safer approach to AppSec
Right in the middle of the holiday season, as much of the world was preparing to take some deserved time off to celebrate with their families and bid 2020 a less-than-fond farewell, some terrible news broke involving a number of…
Lazarus Bear Armada Extorts Government Organizations with Sophisticated DDoS Threat
In a recent episode of the GovCyberHub Podcast, we sat down with a small panel of cybersecurity experts to discuss the current cyber extortion threat facing government organizations, state and local agencies, and private enterprises. What we learned is that…
Cyber Extortion Symposium – Keeping eCriminals at Bay
According to the cybersecurity firm, CrowdStrike, there were more than 40,000 cyber intrusions in just the first half of 2020 alone. What were the hackers looking to accomplish with the cyber intrusions? Since 63 percent of incidents CrowdStrike investigated in…