Is Cloudflare Argo worth it?

Cloudflare Argo reduces network latency on average by 35% and connection errors by 27%. Traditional network technologies use static routing information which can be slower and often use congested paths. Slow loading times and connection timeouts increase the likelihood of poor user experience. The Cloudflare company routes 10% of all HTTP/HTTPS Internet traffic. This provides […]

Generating Secure Passwords for your Linux Server

Very often sysadmins will have to setup new servers or harden existing server passwords during security audits. As a result, secure passwords have to be chosen for root, cPanel accounts, ftp, etc. There are many composite practices that make a server secure, but often overlooked is using secure passwords. Notice that SSH or MySQL root […]

Patch a thing: Securing Internet of Things (IoT) devices

July 16th 2019 update: List of IoT (Internet of Things) security solutions Today, I spent some time researching IoT security. At the end of this post, I’ve listed companies – all of which are new to me – which offer IoT security solutions. Feel free to share your solutions, feedback and tips for securing IoT devices. […]

3rd DDoS attack today, beginning of a new era

4th Update: 20 min video response by Dale Drew, the chief security officer of Internet backbone company Level 3. 3rd Update: More details emerging “that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware.” says Flashpoint. I’ll continue to update with additional information and important links. 2nd Update: 3rd Attack […]

WordPress Plugin being exploited. Delete inactive plugins

For the past few days an increasing number of WordPress websites have been infected by attackers exploiting a vulnerability in the WordPress plugin: WP Mobile Detector. The plugin with over 10,000 active installs was at one point removed completely from the WordPress repository with no patch available. However, as of today the WP Mobile Detector plugin has been patched […]

OpenSSL Security Updates – Severity: High

Update: June 13th 2019 – Remember the OpenSSL project has a budget of less than one million USD per year and relies primarily on donations. With this in mind, it’s very important that you keep tabs on OpenSSL news and the OpenSSL newslog, and be sure to upgrade anytime there is a new release. A new set […]

The Sony Hack: An Inside Job. Here’s why…

From day one, as details leaked about stolen system administrator passwords, many of us knew that the Sony Hack had to have been an inside job. The simple reason is that system administrators setup notifications for both denied login attempts and more importantly, alerts for successful logins. These hackers reportedly stole a “System’s Administrator’s password” which […]

Patched Servers Remain Vulnerable to Heartbleed OpenSSL

If an attacker has already exploited the Heartbleed bug to steal your SSL private keys they can continue to decrypt all past and future traffic even after the vulnerability has been patched. A security vulnerability in OpenSSL called the Heartbleed bug (CVE-2014-0160) has been found. This vulnerability has been open for exploit for about 2 years but was only recently […]