The cloud, IoT, vendors and security: things that do not go together.
Published in Editorials
This is not the first time that I have spoken out about cloud computing (internet based, or the Internet of Things and the way they are impacting the ability to secure a network. It is also not going to be…
08 October 2015
Rate this item
(0 votes)

NETGEAR drops the WAP720 with Ensemble Mode. We take a look Featured

WiFi is one of those services that people simply expect to see these days. When you walk into just about any public building you are going to start looking for the “free” WiFi that they have. Most people do not stop to think about that that looks like behind the scenes especially when you are in a smaller business. In a large business you have multiple wireless access points (WAPs) that are run by a central controller. This centralized control system makes it relatively simple to control both the business side and the guest side of the wireless network. These tools can be very expensive and out of the budget range for most small companies. Instead a small business will end up with either an edge device with built in wireless (and really bad service), a single WAP or multiple individual WAPs that need to be managed independently and have their own problems.

Potential New Exploit found in OpenSSL gets around latest hotfix
Published in News
It seems that someone may have found a way around at least one of the latest hot fixes for OpenSSL. According to some talk around the darker places on the internet, a rehash of metadata can allow a malicious individual…
28 September 2015
Rate this item
(0 votes)

Possible Breach At Hilton Highlights PoS Risk

Just when you thought it was safe to use your credit card we are hearing rumblings of a breach at Hilton. According to Brian Kerbs and some of our own sources a payment card breach has taken place and the…
Hackers using unencrypted satellite communication to hide C&C servers
Published in News
Security and malware research company, Kaspersky has recently released a paper describing what they say is the “ultimate level of anonymity” used by any malicious hacking group. In their report they describe a new attack by the group Ouroboros as…
Concerns about an EA Origin Breach Pop Up After a Round of Password Reset Emails Go Out
Published in News
There are rumblings on the internet that all might not be well with EA after a round of password reset notices appear to have been sent out on Sunday (8-13-2015). EA does not give a specific reason behind the reset…
The life of a security researcher is not all beer and pizza. In most cases the days are long and very few seem to appreciate what you are doing. From the stand point of a security researcher they are the…
Last year at Black Hat USA 2014 we met up with a company that was looking to make some changes in the way we protect our data, Ionic Security. The concept was very simple, but the implementation was sure to…
In addition to seeing more than a few products and ideas during Black Hat and DEF CON we also had the chance to see something really cool from the team at Trustwave. This was not a product, but a chance…
The one common thing that I keep hearing everyone talk about at Black Hat and even DEF CON is how to protect your data. It is pretty much a given that if someone wants to get into your network they…
Have you ever lost your keys and had that moment of panic where you are not sure who might have them? This is not a good feeling. You do not know if someone has them and might use them to…
One of the truths in security is that while an attacker can stay hidden they can continue to operate. In short, if you do not know about something, there is nothing you can do. Now you would think that this…
For a while now (many years actually) I have argued that the rush to turn everything into a techno-gadget has been irresponsible and dangerous. However, companies that are looking into the “Internet of things” simply do not care. They see…
AMD looking to HBM2 for their Artic Islands GPUs
Published in News
Although much of the press surrounding AMD at the moment is focused on their lackluster earnings for Q2, there is some potentially good news from them. AMD’s dive into the use of High Bandwidth Memory is going to continue with…
Last year during DEF CON 22 we saw a demonstration of a UEFI root kit that was extremely worrying. This root kit was installed using a multipart systems to infect the UEFI BIOS in such a way as to grant…
After multiple 0-days, many call for Flash to go away
Published in News
After three spate 0-day vulnerabilities are found in your product you can pretty much expect the market to call for you go away. This is the situation that Adobe is in right now. After fighting to their little slice of…
Although it will not come as a surprise, there seems to be yet another bug in Adobe’s flash player that allows for an attacker to potentially take control of a system by forcing a crash of the application. According to…
Hacking Team's Spyware source code released to the wild after Hack
Published in News
The Italian Security firm Hacking Team is now admitting that their spying software is potentially in the hands of bad guys. After a hack that saw roughly 400GB of company information liberated from their systems they have been monitoring what…
Cross-Site Scripting Flaw found in US ID Protection Company LifeLock's site
Published in News
Irony is one of those things that is not appreciated by security guys. They do not find humor in it nor do they enjoy it when someone points an ironic situation involving them out. This has to be the case…
When you use a search engine like Yahoo or Google you expect to get relevant results for your efforts. In many cases this does really happen, but often times we enter what we are looking for and find very little…
Cisco SSH key bug in virtual security appliances leads to some questions
Published in News
Cisco has acknowledged (and released patches for) a fairly serious security bug in three of their virtual appliances that, oddly enough, are related to security. The three products in question are the Cisco Web Security Virtual Appliance, the Email Security…
Over the course of its development there has been a lot to like about Windows 10. There seems to be a good blend of the traditional Windows desktop with some of the touch-centric features that Microsoft tried to force in…
When Microsoft and Sony announced the move to x86-64 based gaming consoles some (pronounce that many) in the gaming community were more than a little annoyed that they would not be able to play their older games. Both companies hoped…
The term privacy has come to mean a great many things in the last few years. To some the idea of privacy is being able to do or say certain things without the fear of anyone finding out. Most people…
During pre-show events at E3 Bethesda decided to release information about a few games including Dishonored 2, Fallout 4 and DOOM. All three of these games have been staples in the gaming community for a number of years and all…