It seems that PC makers are not happy with the Intel’s Management Engine (IME) and the flaws that keep being found in it. The original flaw allowed attackers a clean way to compromise a system including uploading malware and exfiltrating data. This could be done in a way that bypassed most security systems and even allowed for tampering with the UEFI BIOS if the attacker was sophisticated enough. To their credit, Intel did warn people and manufacturers about this and patched it fairly quickly. The problem is, now that the cat is out of the bag about one flaw; there are sure to be more.
Every now and then, we get a chance to take a look at something that is a little outside of the tech world. A few months ago as I was contemplating a vlog series entitled “Bits, Bytes and Beer”; we received a very cool package in the mail. It was a set of shot glasses made from Himalayan Pink Rock Salt. It seemed a very fortuitous product to hit our lab and one that we certainly want to go into detail on now. So, let’s take a quick look at the Root7 Pink Himalayan Rock Salt shot glasses.
Def Con 25, Las Vegas, NV –
Your phone rings and you check the number as a precaution against marketing calls and it looks like it is from your office. The voice on the other end says that there is an issue on the network and they need your assistance to troubleshoot. The person is calm, friendly and helpful so you agree to assist. By the time it is all done you have in advertently given away vital information about your network to a potential attacker.
Black Hat 2017, Las Vegas, NV -
When an attacker gains a foothold in a network the first thing they need to do is learn the lay of the land. They have done some research on the target to gather information about possible systems they might encounter. In reality, they do not truly know what is going on. They are likely to have hit an exposed system with little true access into the good parts of the network. They are going to need to check shares, network connections and also scrape memory for and stored credentials. With these in had they begin the process of moving around the network and building their map of the target environment.
Black Hat 2017, Las Vegas, NV -
The cloud has become one of those buzz words that people like to use when they want you to put your data or workloads on someone else’s computers and network. Amazon Web Services (AWS), Microsoft Azure, and some lesser known systems. The problem is that once you put your information into their network there is a lot that you have to do to ensure that your information or workloads are secure. Amazon, Microsoft and others are only going to take security so far for you and that leave you vulnerable.
Black Hat USA 2017 – Las Vegas, NV
Three years ago we talked with a company that had something of a change in thought process on how to protect your data. Instead of building bigger walls they wanted to make the items behind those walls unusable to anyone that did not actually have access to them. This year at Black Hat we have talked with multiple companies that have the same, or a similar idea. One of the companies we talked to about this is Vera. Vera is another in a growing group of companies that understand that the traditional security posture is just not enough.
Black Hat USA 2017 - Las Vegas, NV.
Another company that we have the chance to sit down with was Attivo Networks. Attivo, if you are not familiar with them specialize in network deception through the use of projected systems. These are systems that do not really exist in the network but that occupy space and would appear real to someone looking at the network from behind the scenes. They use different methods to make these systems appear to be real including mapped drives (that are invisible to an actual user). This way when a system on the network is compromised an attacker might be fooled into interacting with a deception system and give themselves away.
Black Hat USA 2017 - Las Vegas, NV
When you think of Dell you might get many different images that come to mind. For some they might think about the 90s and the “you’re getting a Dell Dude” guy. Others might think about servers, or corporate desktops. In recent years, you might think about Dell’s push back into the performance market. However, for a large number of people you would not think about Security when the Dell name gets tossed out. This would be a mistake though as Dell does have a large team of people that work on security. This is not just for Dell products, but also for other products that are outside of the Dell realm. While at Black Hat 2017 I had the chance to site down with Brett Hansen, VIce President of Dell Data Security and we talked about some of the security offerings that Dell has.
A few days ago we published an article that covered a leaked batch of emails that showed Kaspersky has worked with the Russian Government. We also covered that the pieces of the emails that were published were completely out of context, and also are nothing out of the ordinary for a company that has a contract with a Government body. Kaspersky's denial of cooperation is also nothing new, so why the big deal in the media? Well we might have found a few pieces to that puzzle which would certainly explain the big push to discredit Kaspersky.
Questionable security practices aside, it seems that just about every "big" scandal lately has had leaked emails as some sort of component. In the latest such scandal we find that leaked Kaspersky emails are at the core of the US National Security policy maker's concerns over the company and the use of the product inside the US. According to "internal company emails obtained by Bloomberg Businessweek" Kaspersky has had a rather close relationship with Russian intelligence agencies.