Tuesday, August 21, 2018
  • DDoS Attack Volume Rose 50% in Q2 2018
  • What You Should Know About Driving Down MTTD and MTTR
  • Seven Data Security Challenges You Must Meet to Comply with GDPR
  • The Chinese Spy, or a Dupe in the Senator’s Office?
  • The MITRE ATT&CK Framework: Defense Evasion

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Events IoT & ICS Security Security Bloggers Network 

Home » Cybersecurity » Events » BSidesLV Preview: Who Watches the Watchers?: Understanding the Internet’s Background Noise

BSidesLV Preview: Who Watches the Watchers?: Understanding the Internet’s Background Noise

by Tripwire Guest Authors on August 1, 2018

The instant a device is connected to the internet, it gets scanned and interrogated for open ports, software versions, and default passwords. Who conducts these scans and why? When you connect to the internet, what kind of attacks will you immediately see? The days of mass exploitation are upon us and encouraged, in part, by the rise of the Internet of Things. When every device is connected, a new paradigm for mass exploitation emerges.

Vulnerabilities, specifically in core computing components, linger for decades. Many white hat organizations scan IPv4 constantly to assess the potential impact of a vulnerability or to understand the shifting technology landscape, while less reputable actors scan for more nefarious purposes. These scans often aren’t cheap. The economics of simple port scans at scale, and the associated costs for enthusiasts and enterprises alike requires analysis and exploration.

There are a number of insights you can gain into the systems and tools being used to conduct these scans. From Massscan to Zgrab to AutoSploit, internet-scanning tools are prevalent and can reveal patterns of threat behaviors.

There have been a lot of talks about scanning the internet, but actively tracking those who scan the internet is a new and interesting concept. Observing scanners allows us to find patterns, determine and predict behaviors, and coax out tactics, techniques, and procedures. Additionally, with the rise of IoT, the ability to use these devices as proxies to scan or exploit IPv4 at scale makes this a timely topic. The methods used by red teams and black hat hackers to enumerate and interrogate networks has changed. Tools like Shodan, Censys and Common Crawl are effectively performing network reconnaissance as a service. There are now attacks and scans today at a scale that is unprecedented thanks to the rise of IoT.

Anyone in cybersecurity (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-awareness/events/bsidelv-preview-internet-noise/

August 1, 2018August 1, 2018 Tripwire Guest Authors 0 Comments BSidesLV, Event, events, iot, ipv4, security
  • ← ITIL, the Change Management Process and Tripwire Enterprise
  • Virtualization Flaw Uptick: It’s ‘Just Getting Underway’ →
Featured Blog

5 days ago

Zombies: Top 5 Open Source Vulnerabilities That Refuse To Die

7 days ago

Are DevOps and DevSecOps Headed in Opposite Directions?

2 weeks ago

Top 5 New Open Source Security Vulnerabilities in July 2018

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Dumb Privacy Rules: How Lawyers are Ruining It for Everyone
New Foreshadow Vulnerabilities Defeat Memory Defenses on Intel CPUs
Manufacturing: A Rising Target for Cybercriminals
IKEv1 Vulnerabilities Break IPsec VPN Security in Cisco, Huawei, ZyXEL Gear
Signal Sciences Extends WAF Scope
3 Key Mobile Enterprise Threats in 2018
Think Like an Attacker: Three Network Security Points to Identify and Protect
Cryptojacking is the New Black’ in Cybercrime
The Fight Against the Next Generation of Cyber Threats
7 Most Difficult Information Security Certifications

Upcoming Webinars

Mon 27

Mastering Machine Learning for Security Professionals: A Discussion- Encore Presentation

August 27 @ 1:00 pm - 2:00 pm
Sep 13

Shifting Left…AND Right to Ensure Full Application Security Coverage

September 13 @ 1:00 pm - 2:00 pm
Sep 24

CISO/Security Vendor Relationship Roundtable

September 24 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The Complete Guide on Open Source Security

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Microsoft OneDrive: The Good, the Bad, and the Ugly
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Microsoft OneDrive: The Good, the Bad, and the Ugly

August 10, 2018 Bob Ertl | Aug 10 0
Launching a Digital Transformation? Make Security a Priority
Industry Spotlight Security Boulevard (Original) 

Launching a Digital Transformation? Make Security a Priority

August 7, 2018 John Aisien | Aug 07 0
3 Reasons Why Companies Are Adopting AI/ML for Threat Intelligence
Cybersecurity Industry Spotlight Security Boulevard (Original) Threat Intelligence 

3 Reasons Why Companies Are Adopting AI/ML for Threat Intelligence

August 6, 2018 Sachin Sharma | Aug 06 0

Top Stories

Security Boulevard’s 5 Most Read Stories for the Week, August 13-17
Featured Governance, Risk & Compliance Identity & Access IoT & ICS Security Malware News Security Boulevard (Original) Spotlight Threats & Breaches Uncategorized 

Security Boulevard’s 5 Most Read Stories for the Week, August 13-17

August 20, 2018 Saleem Padani | Yesterday 0
IKEv1 Vulnerabilities Break IPsec VPN Security in Cisco, Huawei, ZyXEL Gear
Featured IoT & ICS Security Network Security News Security Boulevard (Original) Spotlight Vulnerabilities 

IKEv1 Vulnerabilities Break IPsec VPN Security in Cisco, Huawei, ZyXEL Gear

August 20, 2018 Lucian Constantin | Yesterday 0
Signal Sciences Extends WAF Scope
Application Security Cybersecurity Featured News Security Boulevard (Original) Spotlight 

Signal Sciences Extends WAF Scope

August 20, 2018 Michael Vizard | Yesterday 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2018 Mediaops Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.