Sean Kalinich

WiFi is one of those services that people simply expect to see these days. When you walk into just about any public building you are going to start looking for the “free” WiFi that they have. Most people do not stop to think about what that looks like behind the scenes, especially when you are in a smaller business. In a large business you have multiple wireless access points (WAPs) that are run by a central controller. This centralized control system makes it relatively simple to control both the business side and the guest side of the wireless network. These tools can be very expensive and out of the budget range for most small companies. Instead, a small business will end up with either an edge device with built-in wireless (and really bad service), a single WAP, or multiple individual WAPs that need to be managed independently and have their own problems.

Potential New Exploit found in OpenSSL gets around latest hotfix
Published in News

It seems that someone may have found a way around at least one of the latest hot fixes for OpenSSL. According to some talk around the darker places on the internet, a rehash of metadata can allow a malicious individual to get around the latest hot fix designed to stop someone from bypassing the CA check in OpenSSL. The original flaw was found to exist during certificate validation. When OpenSSL checks the certificate chain it will try to build an alternate route if the first attempt fails. A flaw in the way this is done can allow a “bad guy” to force some of the secondary checks to be bypassed and allow an invalid cert to pass.

Possible Breach At Hilton Highlights PoS Risk
Published in News

Just when you thought it was safe to use your credit card, we are hearing rumblings of a breach at Hilton. According to Brian Krebs and some of our own sources, a payment card breach has taken place, and the only unique feature about this was that all of the affected cards were used at a Hilton property. This is not just the regular Hilton logo properties, but also includes Embassy Suites, Doubletree, Hampton Inn and Suites, Waldorf Astoria Hotels and Resorts, and potentially others. The exact timing of the breach is unclear at the moment, but could go as far back as November 2014.

Hackers using unencrypted satellite communication to hide C&C servers
Published in News

Security and malware research company Kaspersky has recently released a paper describing what they say is the “ultimate level of anonymity” used by any malicious hacking group. In their report they describe a new attack by the group Ouroboros as “exquisite”. This is the same group that was linked to the Turla malware last year, so we are not talking about amateurs or script kiddies. The attack uses commercial satellites’ unencrypted communication channels to send and receive traffic to their C&C servers.

iConnect has a Lightning interface that can be plugged into an Apple device directly – Now available in the U.S.

September 2nd, 2015 - Taipei, Taiwan - Foxlink, PQI, the world’s leading brand in peripheral storage accessories for portable devices is proud to announce the ultimate storage solution, the iConnect. It seems that almost everyone eventually runs out of space on their iPhone, iPad or iPod. Whilst there are multiple ways to solve this problem, there’s nothing better than simply having more space. The iConnect is an Apple certified Lightning interface flash drive that can be plugged directly into an iOS device to store photos, music, movies and to back up contacts. With the iConnect, you will no longer have to go through your phone deleting old memories or trying to figure out which app you can live without. Available in the U.S. this September, the iConnect will give you enough space so you never miss the next photo or video opportunity.

Concerns about an EA Origin Breach Pop Up After a Round of Password Reset Emails Go Out
Published in News

There are rumblings on the internet that all might not be well with EA after a round of password reset notices appear to have been sent out on Sunday (8-13-2015). EA does not give a specific reason behind the reset notifications other than suspicious activity. However, the timing seems to correlate with an authentication exploit that has been talked about on the darker side of the internet. These claims are that a group has been silently exploiting EA’s authentication servers for months. It is far from certain that EA has suffered a large-scale breach, but it does bring up the subject of authentication server security.

A security researcher's lot is not a happy one, but it should be
Published in Editorials

The life of a security researcher is not all beer and pizza. In most cases the days are long and very few seem to appreciate what you are doing. From the standpoint of a security researcher, they are the good guys trying to help push an agenda of security. They spend countless hours finding the holes in code and hardware before the “bad guys” do. Sure, there are bug bounty programs that pay fairly well and some researchers work for larger firms, but it is not all about the money or attribution.

Ionic Security says they can make your data useless to the bad guys
Published in Shows and Events

Last year at Black Hat USA 2014 we met up with a company that was looking to make some changes in the way we protect our data, Ionic Security. The concept was very simple, but the implementation was sure to be complex. I was not sure that what they wanted to accomplish could even happen. However, after a conversation with them I became more than interested. It was a simple concept, but it did not need to be overly complex. To make things even more interesting this was not a truly new idea, but it was one that had never been implemented for real data security.

Trustwave shows off an impressive compromise of RIG's admin servers at Black Hat 2015
Published in Shows and Events

In addition to seeing more than a few products and ideas during Black Hat and DEF CON we also had the chance to see something really cool from the team at Trustwave. This was not a product, but a chance to see the back end of the command and control servers for a new and improved version of the RIG exploit kit. To say that what they showed was impressive is an understatement.

If the barbarians are past the gates how do you protect your data from being looted? enSilo says they have a way
Published in Shows and Events

The one common thing that I keep hearing everyone talk about at Black Hat and even DEF CON is how to protect your data. It is pretty much a given that if someone wants to get into your network they are going to get in. There are simply too many flaws, vulnerabilities and compromises out there to protect against. So there needs to be some other method to make sure that any sensitive data that you have is kept out of the hands of the “bad guys”. There are many suggestions about this, but most of them still try to do the same thing: stop the barbarians at the gate.