Happy 9th Birthday, KrebsOnSecurity!

Hard to believe we’ve gone another revolution around the Sun: Today marks the 9th anniversary of KrebsOnSecurity.com! This past year featured some 150 blog posts, but as usual the biggest contribution to this site came from the amazing community of readers here who have generously contributed their knowledge, wit and…

RSync the old is still new…

This is a special blogpost for us. We usually work on our research by ourselves and present it in the same way, but this time, this research was partially done in collaboration with the amazing team at Rapid7. You should also check out their counterpart report here: https://blog.rapid7.com/2018/12/21/rsunk-your-battleship-an-ocean-of-data-exposed-through-rsync/ What is…

Encrypting DNS end-to-end

Over the past few months, we have been running a pilot with Facebook to test the feasibility of securing the connection between 1.1.1.1 and Facebook’s authoritative name servers. Traditionally, the connection between a resolver and an authoritative name server is unencrypted i.e. over UDP. In this pilot we tested how…

Firewall Rules – Priority and Ordering

Firewall Rules are one of the best security features we released this year and have been an overwhelming success. Customers have been using Firewall Rules to solve interesting security related use cases; for example, advanced hotlink protection, restricting access to embargoed content (e.g. productId=1234), locking down sensitive API endpoints, and…
1 2 3 4