Defending the Internet: How Cloudflare blocked a monumental 7.3 Tbps DDoS attack
In mid-May 2025, blocked the largest DDoS attack ever recorded: a staggering 7.3 terabits per second (Tbps).
If you'd like to know why IPv6 continues to be a dud compared to IPv4, years after we exhausted all IPv4 addresses, check out this great article by my favorite networking guru, Geoff Huston, in the free and mighty Internet Protocol Journal, issue 28 no 1.
https://ipj.dreamhosters.com/internet-protocol-journal/issues/back-issues/
Incidentally, I set up my IPv6-only lab, which required tunnel tech, again this past week, 19 YEARS after doing it the first time.
https://taosecurity.blogspot.com/2006/09/ipv6-only-freebsd-scenario.html
Once ‘dead’ thrusters on the farthest spacecraft from Earth are in action again
NASA engineers have revived old thrusters on Voyager 1 to prevent a clog from endangering the mission during a planned communications blackout.
Here’s another reason why you need a balanced approach to detection and response, including
#networksecuritymonitoring, and cannot simply rely on the integrity of the endpoint.
https://www.techspot.com/news/107883-ransomware-can-now-run-directly-cpu-researcher-warns.html
Ransomware can now run directly on the CPU, researcher warns
A security researcher designed a way to weaponize microcode updates to install ransomware directly onto the CPU. Rapid7 analyst Christiaan Beek drew inspiration from a critical flaw...
For years I’ve said the Apple iPhone ecosystem overall is far more secure for the average user than Android. Here’s a quantifiable example of how bad the Google Play store has been. It’s good to see Google taking these steps, but the Android ecosystem will remain inferior compared to the vertical integration of the Apple iPhone.
https://www.techspot.com/news/107745-google-play-shrinks-47-percent-following-policy-overhaul.htmlThe 2025 Mandiant M-Trends report is here. First the first time in the history of the report, global dwell time has increased, albeit only one day, from 10 to 11 days. This is still worrying, as ransom actor extortion demands have pressured the dwell time downward, but for an obviously bad reason. Global detection by source has also moved in the wrong direction, with slightly more external vs internal detection. I fear we have entered the realm of decreasing “returns on security investment,” especially for the security 1-10%.
I just created another Windows 10/11 application using AI. This is a follow-up to the SquareCap program I posted about a few weeks ago. Details here:
https://taosecurity.blogspot.com/2025/04/creating-large-text-file-viewer-by-vibe.html
Creating a Large Text File Viewer by Vibe Coding with Visual Studio Code, Cline, OpenRouter, and Claude 3.7
Richard Bejtlich's blog on digital security, strategic thought, and military history.
I just created a Windows 10/11 application that takes square screen captures. I did zero coding myself but used Visual Studio Code, Cline, OpenRouter, and Claude. Details:
https://taosecurity.blogspot.com/2025/03/creating-windows-application-using.html
Creating a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude
Richard Bejtlich's blog on digital security, strategic thought, and military history.
Any of my fellow military historians might want to take advantage of this flash sale by Osprey Publishing. Every time they offer a sale I buy the latest Osprey Campaign and Osprey Air Campaign titles.
https://www.ospreypublishing.com/us/discover/sale/osprey-february-flash-sale-2025/
Osprey February Flash Sale 2025
I had a scare due to Google AI hallucinations. I was watching BBC presenter Stephen Sackur just now. Ehud Olmert joked about their age difference so I Googled Stephen. Google told me Stephen had advanced cancer and was lobbying for sensitive legislation! I checked the references and it turns out he INTERVIEWED someone with terminal cancer. Stephen was treated for skin cancer successfully in 2019 however.
