A Hiatus, DDos and Imagetragick

Published: 22 Jul 2016

After serving stale posts to my visitors for months, this blog is refreshed.

Its not that nothing happened during this last year. I shifted base, had too many things happening on all the fronts, keeping me away from blogging. Well, I hope future breaks will be of shorter durations. Since I still need to figure what to write about, how about posting a talk I gave a few weeks back on some DDoS attacks we saw in Feb.

Then also - a few month back one of our servers was exploited using the imagetragick attack. While we could have done better on anticipating this and fixing it before someone could do a PoC, I still feel proud about our response time, duly noted by our hacker friend. We got notified of this issue on a server that didn’t contained critical user data post midnight, and we fixed it in 4 hours.


blog comments powered by Disqus