Month: November 2021

APT annual review 2021

In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here , here and here . For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 months.

Source: APT annual review 2021

IT threat evolution in Q3 2021. PC statistics

IT threat evolution Q3 2021 IT threat evolution in Q3 2021. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, in Q3 2021: Kaspersky solutions blocked 1,098,968,315 attacks from online resources across the globe.

Source: IT threat evolution in Q3 2021. PC statistics

Searching for Exposed ASUS Routers Vulnerable to CVE-2021-20090, (Fri, Nov 26th)

Over the past 7 days, my honeypot captured a few hundred POST for a vulnerability which appeared to be tracked as a critical path traversal vulnerability in the web interfaces of routers with Arcadyan firmware. If successfully exploited, could allow unauthenticated remote actors to bypass authentication and add the router to the botnet Mirai botnet.

Source: Searching for Exposed ASUS Routers Vulnerable to CVE-2021-20090, (Fri, Nov 26th)

A Few Commands

Well, I learned a few things over the past few weeks. I may be used to a Linux desktop environment less so a server one. Time to lab it up and work these new commands into that muscle memory.

setfacl, getfacl, advanced permissions
chage, passwords

chcon, SELinux (Security) RedHat, CentOS, Fedora

I wasn’t sure ‘FACL’ would work on Arch and so I can the command and sure enough, it did.

Are We at War?

Stuxnet was at the forefront of cyberwarfare. Today we’re consistently attacking others and others are attacking us. Know where you belong.


I used to work for them in quality. Great bunch of guys and I enjoyed working with them. They were acquired by ACI 10/2020.

Boathouse Capital’s ACI Learning Acquires ITProTV

I have a day job and when I’m off during the week on Wednesday, I’ll look them up and see what they’re doing.

IT Training to Accelerate Your Career | ITpro.TV


Here is my buddy Daniel and his take on this cert. This is on my roadmap in the future.

Linux Certs

Interesting how many certs there are. Depending on experience and work environment may determine what path is best for you. I believe that I’m a novice at this point. My very first Linux distro was #Smoothwall back in 2001. Later in 2002 I went back to school for Network administration and learned a little of #RedHat. Next on my Linux journey, I worked for a small WISP and they used #Fedora at the time. At home, I dabbled with #Gentoo and #SuSe. Today I happen to run #Arch.

Looking for Resources

I’m on a journey to successfully pass #Linux+ and break back into IT after the pandemic. A new career path awaits.

I found this useful and I was able to answer most of the questions from memory.