News & Insights

Topic: Shadowserver

Beyond the SISSDEN event horizon

October 1, 2019
Between May 2016 and April 2019, The Shadowserver Foundation participated in the SISSDEN EU Horizon 2020 project. The main goal of the project was to improve the cybersecurity posture of EU entities and end users through the development of situational awareness and sharing of actionable information. It exceeded KPIs, with 257 sensors in 59 countries, using 974 IP addresses across 119 ASNs and 383 unique /24 (Class C) networks, and collected 31TB of threat data. This blog post provides detail on Shadowserver's role in SISSDEN, including a 3 minute explainer video.

Of Vacations and Armageddon

June 3, 2019
2019-06-02 - 0820 UTC-7 - It seems that the power company "accidentally" turned off all the power to the building where our data center resides for about 20 minutes.  This of course took everything out. 

Sighting of Mythical New Shadowserver Website Confirmed!

April 24, 2019
After over a decade over operations, the Shadowserver Foundation finally launches a shiny new website. The new site hopefully better explains to the public our values, free services and constituents, and what we continue to do to improve the overall security of the Internet. Our team, focus and mission remain otherwise unchanged. But we may hopefully spare ourselves the occasional embarrassing question!

Recent additions to our available free daily network report types

April 18, 2019
Shadowserver has been participating in an EU Horizon 2020 funded project called SISSDEN from May 2016 to April 2019. Multiple network report types have become available due to the deployment and operation of a new large scale distributed honeypot sensor network, as well as from other SISSDEN partner collected attack data sets. This data is available to subscribers via our free daily network remediation reports.

In the Service of National CERT’s (revisited)

April 2, 2019
Shadowserver recently achieved the significant milestone of having our 100th National CERT/CSIRT sign up for our free daily network reports, so we though that this would be a good moment to provide an update on our global network remediation coverage.

How two seconds become two days

November 17, 2015
At 3:37PM PST, we had a power blip in one of our datacenters.  In those two seconds, over 1,000 systems blinked offline.  As a non-profit, we don't have all of those niceties such as hot-hot datacenters or those new fangled UPSes.  Instead, we do it the old fashioned way, which means we are susceptible to power failures within the building our core systems reside.

What does complete failure smell like at Shadowserver?

August 15, 2015
In any corporation there is a fine line between success and failure.  Part of that is how each one is dealt with.  We at Shadowserver are as proud of our successes as we are of our failures.  We try to be upfront when something breaks and explains what occurred.  We failed completely at that this time as well.

You have Mail!

December 19, 2014
Whelp, there it happens again.  It seems that our filters blew up again and everyone is receiving a much larger set of data than normal.

In the Service of National CERT's

December 11, 2014
Our goal as always has been to get data about infected, compromised or abuse-able hosts to the network owners as efficiently as possible.  The most consistent and effective vehicle for that is using National CERT's.  In many ways they are the gateway to the rest of the networks of a country.

A bit too much DNS Data in Open Resolver Report from 2014-05-22

May 23, 2014
While this has been communicated via e-mail to most of our report recipients, we wanted to make a quick note on our blog regarding the Open Resolver report that recently went out dated 2014-05-22. Please disregard the DNS openresolver data from this data. It lists all DNS servers, not only the ones that are open resolvers.