Doctor Chaos

Why Threat Actors Continue to Rely on Cyber Fraud

Doctor Chaos

While 2020 has come and gone, many of last year’s cyber fraud problems will continue into at least mid-2021. Cybercriminals will focus on maximizing their profits, using a traditional cost-benefit analysis to decide on the best attack vector.

I'm a C I Double S P (CISSP Parody)

Doctor Chaos

Think you know what being a CISSP is all about? Not all CISSP's are equal, some are more equal than others! link]. Off-Topic


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity Career Opportunities in Threat Intelligence

Doctor Chaos

[link]. MEDIA

Media 130

Security Vulnerabilities Generated by COVID-19 and How to Address Them

Doctor Chaos

Thanks to COVID-19 and the need to social-distance from one another, many companies shifted rapidly to remote operations. Teams that used to work side by side had to move to a home office or remote location.

Deliver Effective Online Education and Events Your Members Will Love

This guide identifies the biggest challenges for associations moving their training online and provides practical solutions so that you can hit the ground running. Download now to keep your members engaged and growing even in times of COVID-19.

Mobile Security should be your top concern

Doctor Chaos

The world is much smaller than it was thirteen years ago. In 2007 Steve Jobs announced the Apple iPhone. It was an innovative product because it brought mobile Internet into the pockets of millions of people. Smartphones were in existence before the iPhone.

Mobile 130

The Proper Way to Watch Star Wars

Doctor Chaos

Many of us have stress in our lives. We have our jobs to worry about, we need to think about our retirement, and we have to figure out what the health care law means to us. However, a few of us know there are more immediate concerns that must be dealt with.


How Real-Time Technologies Are Helping Protect Vulnerable Energy Assets

Doctor Chaos

As the world increasingly relies on technology, the energy sector’s role becomes more critical. A disruption in the power grid that delivers electricity to businesses and homes could be devastating for any infrastructure and services in an area.

Energy 141

Clark-Wilson Security Model

Doctor Chaos

The Clark-Wilson security model is based on preserving information integrity against the malicious attempt of tampering with data.

Scammers Posing as Board of Elections to Obtain Social Security Numbers

Doctor Chaos

Everybody in the USA that used the mail-in or dropbox voting option, be on alert that there are criminals lurking about with the goal of abusing the confusion going on with the US election the next few days.

Social 130

Zombie Speed 101: They are getting faster

Doctor Chaos

They say the strong survive. How does that apply when you are dead? The Zombie Apocalypse is among us. What are your chances of making it? It really depends on what types of Zombies you are “lucky” enough to encounter.

Study 141

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Baselines and Anomaly Detection – The Future of Security Capabilities

Doctor Chaos

In a previous lesson, I pointed out that there are three essential ways security tools detect threats. Those methods are signature-based, behavior, and anomaly detection. Most security tools use a combination of one or more of these capabilities to detect threats.

Tools 130

Why is my Network Down?

Doctor Chaos

Over the last few days, many of us in the USA have experienced network outages. I’m not sure about you, but I have become the default “IT Support Guy” at my house meaning when the network goes down, my family starts throwing tomatoes at me while they blame me for the outage.

Active DDoS Attack – What to Do

Doctor Chaos

Don't Panic! You will inevitably be affected by a Distributed Denial of Service (DDoS) attack at some point. A DDoS attack is a shock to the system and how you react is everything. When it happens, stay calm and accept it.

VOIP 130

Beware of the Surge in Covid-19 Vaccine Phishing Scams

Doctor Chaos

As the world makes steady progress towards ending the pandemic, the road ahead is still a long one. Previously unforeseen obstacles can pop up at any time and skew the trajectory of how the world handles Covid-19. One obstacle, in particular, that is on the rise currently is phishing scams.

Open Source Security Tools You Can Use Now

Doctor Chaos

One common question I’ve received is what open source tools are available that I can download now. The answer to this question is simple: LOTS! I will point out however, there are reasons why organizations don’t just run only open-source products within their security operation center.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

LISP Multihop Extended Subnet Mode

Doctor Chaos

(This blog posting was written with the understanding that the reader already understands how standard LISP operates from a control and data plane perspective.). Overview.

7 Cybersecurity Testing Tools and Apps for Network Security in 2021

Doctor Chaos

The role of the cybersecurity professional has never been more critical. Mass digitization has made every company a tech business, and cybercriminals have taken full advantage of this movement. New threats arise every day, but there’s also an abundance of cybersecurity testing tools at your disposal.

Tools 141

Snort 3 is FINALLY out

Doctor Chaos

Snort 3 is out. This comes from the official release. This post can be found HERE. We know users have been anticipating this day for years. So, we are excited to announce that the official release of Snort 3 is here ! The version number is Snort is an open-source intrusion prevention system (IPS) capable of real-time traffic analysis and packet logging.

Introducing our newest contributor, Shannon Flynn

Doctor Chaos

Readers, I wanted to introduce our newest contributor to the Dr. Chaos site, Shannon Flynn. You will see some of Shannon's articles and contributions to the website in the coming months giving you a new perspective on cybersecurity.

Trends 130

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Closing Security Gaps in SOCs Using Automation

Doctor Chaos

The security operations center (SOC) is an increasingly crucial part of the modern business's cybersecurity approach. One or two IT workers and an anti-malware program are no longer enough to handle a company's cybersecurity.

Next-Gen Cooling Is Advancing Data Centers

Doctor Chaos

Written by: Kayla Matthews journalist & writer. link]. Keeping data centers within the ideal temperature range is crucial due to the expensive and necessary equipment inside.

Reassessing Security Vulnerabilities and Gaps After COVID

Doctor Chaos

Written by: Kayla Matthews journalist & writer link]. The ongoing COVID-19 pandemic has highlighted a few areas of improvement in the business world. As the world's systems try to adapt to changing needs, their shortcomings become increasingly evident.

VOIP 141

Podcast: Patriot Games Part II

Doctor Chaos

This week we conclude our exciting interview with Jim. This former US Intelligence cyber specialist discusses attribution challenges to State actors, US Election security, and a new superhero: Metrics Man!

What is Contextual Analytics? The Next Evolution of Embedded Analytics

Download this white paper to learn what contextual analytics is, how BI platforms like Yellowfin revolutionize the way users discover insights from their data with native contextual analytics, and how it adds value to your software solution by elevating the user experience.

Podcast: Patriot Games Part 1

Doctor Chaos

Attacks, Cyberwar, and Attack Attribution from the perspective of a cyber professional who spent years working for US Intelligence organizations helping to protect the United States from Cyber Attacks.

4 Tips for Using Big Data To Improve Consumer Experience

Doctor Chaos

Written by: Kayla Matthews journalist & writer. link]. Companies have access to more information about their customers than ever.

Podcast: Every conversation is a negotiation

Doctor Chaos

Tony G and Jonas Walker provide an inside look at how ransomware negations occur between a victim and an attacker. Learn how a travel management company negotiated a $10 million ransom to a $4.5 million payout and got tips from the attackers to help them understand how they were attacked.

Travel 130

Podcast: Passion For All Things Security

Doctor Chaos

Chris Louie ( ,[link] ) blogger and security professional from zScaler speaks to us on today's podcast about all things security. Join Tony G and Dr. Chaos on our latest episode as we discuss ransomware, the US Presidential Elections, and all things security.

Building Evolvable Architectures

Speaker: Dr. Rebecca Parsons, CTO of ThoughtWorks

The software development ecosystem exists in a state of dynamic equilibrium, where any new tool, framework, or technique leads to disruption and the establishment of a new equilibrium. Predictability is impossible when the foundation architects plan against is constantly changing in unexpected ways. It’s no surprise many CIOs and CTOs are struggling to adapt, in part because their architecture isn’t equipped to evolve. This webinar will discuss what’s at stake if companies continue to use long term architecture plans.

Swans Reflecting Elephants

Doctor Chaos

Original article appears at [link]. The famous painting “ Swans Reflecting Elephants ” creates a double image and is an ideal metaphor of what we know about the Internet and the hidden layer beneath (the Darknet).

Into the Rabbit Hole – Offensive DNS Tunneling Rootkits

Doctor Chaos

originally posted at [link]. We see numerous evasion techniques that attackers use to bypass egress filtering solutions and establish command and control (C&C) within organizations.

Podcast: It's All About the Benjamins

Doctor Chaos

The financial sector takes cybersecurity seriously, and almost no one takes it more seriously than Chris Konrad , World Wide Technology Director of Global Financial Security.

Podcast: 800-pound gorilla

Doctor Chaos

Industrial cybersecurity specialist James Cabe from CyberX, discusses ICS attacks, OT vs IT, and working for a startup that just got acquired by Microsoft. From missile defense to IoT, we discuss how CyberX works on networks, modern ICS threats, and how ICS attacks are depicted in Hollywood movies.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

The new DevSecOps team is up and running, and you feel ready to take on rising security threats while delivering quality software updates. But that leaves just one question: how do you monitor your new program as effectively and efficiently as possible? Join Shannon Lietz, Director of DevsecOps at Intuit, and award-winning innovator, to learn the answers to these questions so you can lead your DevSecOps team to the top!

Podcast: EKANS, Green Eggs, and Ham

Doctor Chaos

Researchers Aamir Lakhani and Anthony Giandomenico discuss the EKANS ransomware and why it was an effective and targetted attack. Listen on your favorite podcast app or on Soundcloud: [link]. Podcast

Podcast: Verizon's 2020 DBIR

Doctor Chaos

Aamir Lakhani and Tony G discuss the latest findings of the 2020 Verizon Data Breach report. From ransomware to passwords dumpers. What does it mean how you should shape your cybersecurity policy? Join us on the latest episode of Dr. Chaos Podcast to find out.

5 Best Cybersecurity Management Practices During a Crisis

Doctor Chaos

No company wants to think about what it'll do in a crisis, but sometimes they're unavoidable. Whether it's an advanced cyberattack of a situation like COVID-19 that led to an unexpected rise in cybercrime, cybersecurity emergencies happen. If you do find yourself in such a crisis, how do you respond?

Derek Manky and Aamir Lakhani Discuss OT Security

Doctor Chaos

Dive into this conversation on OT security as Derek Manky and Aamir Lakhani discuss highlights from our recent FortiGuardLabs threat intelligence briefs and the origins of OT-targeted attacks, starting from the beginning with the Stuxnet virus. MEDIA

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.