Towards SSH3: How HTTP/3 improves secure shells
Guest Post: What would the SSH protocol look like if it was made today with recent network technologies?
Tag: security
Credential stuffing and SIM swaps
As stolen credentials increase, what are the best current practices?
Digging into the Orange España Hack
Guest Post: Investigating the unique manipulation of RPKI used in Orange España’s recent outage.
[Podcast] Global Cyber Alliance measurements
Leslie Daigle discusses Global Cyber Alliance’s honeynet project, DNS, and MANRS.
OpenBSD PF-based firewalls suffer differently from DoS attacks
Guest Post: What to do if the PF state table limit is exhausted by UDP traffic.
The LLM misinformation problem I was not expecting
Guest Post: Vetting AI LLM content in education and infosec requires a new best practice.
HTTP/2 Rapid Reset: Deconstructing the record-breaking attack
Guest post: Detecting and mitigating a novel attack vector at unprecedented scale.
Three of the best: Security
Here are APNIC Blog’s top three posts related to Security for 2023.
The use of UTRS in combating DDoS attacks
Guest Post: New study shows that UTRS can be a useful tool in mitigating DDoS attacks, but it is not widely used.
JA4+ network fingerprinting
Guest Post: Powerful human and machine-readable network fingerprints for multiple protocols that improve threat-hunting and analysis.