After serving stale posts to my visitors for months, this blog is refreshed.
Its not that nothing happened during this last year. I shifted base, had too many things happening on all the fronts, keeping me away from blogging. Well, I hope future breaks will be of shorter durations. Since I still need to figure what to write about, how about posting a talk I gave a few weeks back on some DDoS attacks we saw in Feb.
Then also - a few month back one of our servers was exploited using the imagetragick attack. While we could have done better on anticipating this and fixing it before someone could do a PoC, I still feel proud about our response time, duly noted by our hacker friend. We got notified of this issue on a server that didn’t contained critical user data post midnight, and we fixed it in 4 hours.
This is great to be on the positive side of things, but its scary how every (in)action has a consequence these days. pic.twitter.com/1SsC6zTOoQ— Qasim Zaidi (@kernelhacker) July 19, 2016