Blog Posts
UEFI – Terra Firma for Attackers
This blog post focuses on how the vulnerabilities in firmware popularized by the Uniform Extensible Firmware Interface create a lucrative target for high-profile attackers.
• By Vijay Sarvepalli
In CERT/CC Vulnerabilities
Security Automation Begins at the Source Code
Hi, this is Vijay Sarvepalli, Information Security Architect in the CERT Division. On what seemed like a normal day at our vulnerability coordination center, one of my colleagues asked me....
• By Vijay Sarvepalli
In CERT/CC Vulnerabilities
VPN - A Gateway for Vulnerabilities
Virtual Private Networks (VPNs) are the backbone of today's businesses providing a wide range of entities from remote employees to business partners and...
• By Vijay Sarvepalli
In CERT/CC Vulnerabilities
Securely Connecting Africa
While the Internet has enabled modernization in parts of the developing world, it has also introduced new cybersecurity challenges....
• By Vijay Sarvepalli
In CSIRT Development
Security Begins at the Home Router
In recent days, the VPNFilter malware has attracted attention, much of it in the wake of a May 25 public service announcement from the FBI, as well as a number …
• By Vijay Sarvepalli
In Reverse Engineering for Malware Analysis
DNS Blocking: A Viable Strategy in Malware Defense
Electronic CountermeasuresDuring the wars in Iraq and Afghanistan, insurgents' use of improvised explosive devices (IEDs) proliferated. The United States ramped up its development of counter-IED equipment to improve standoff detection …
• By Vijay Sarvepalli
Powered by Mirai
Distributed denial-of-service (DDoS) attacks have been dominating the IT security headlines. A flurry of reporting followed the September 2016 attack on the computer security reporter Brian Krebs's web site KrebsonSecurity …
• By Vijay Sarvepalli, Rachel Kartch
Practical Math for Your Security Operations - Part 3 of 3
Hi, this is Vijay Sarvepalli, security solutions engineer in the CERT Division again. In the earlier blog entries for this series, I introduced set theory and standard deviation. This blog …
• By Vijay Sarvepalli
In CERT/CC Vulnerabilities
Practical Math for Your Security Operations - Part 2 of 3
Hi, this is Vijay Sarvepalli, Security Solutions Engineer in the CERT Division again. In my earlier blog post, I offered some ideas for applying set theory in your SOC (Security …
• By Vijay Sarvepalli, CERT Insider Threat Center
In CERT/CC Vulnerabilities
Practical Math for Your Security Operations - Part 1 of 3
Hi, this is Vijay Sarvepalli, Security Solutions Engineer in the CERT Division. Mathematics is part of your daily tasks if you're a security analyst. In this blog post series, I'll …