From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 715 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1591 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1125 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 1100 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2144 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1870 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2141 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2110 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1903 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116533 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87518 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 82058 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80344 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 71011 times Read more...
Displaying items by tag: Gmail
Google’s Verification Feature in Gmail already Abused by Scammers and Phishers
The news that a feature in Gmail that shows a verification check mark for a sender is being abused by attackers should come as a surprise to no one. After all attackers have coopted, code singing certificates, legitimate web sites, and more as part of their attack processes, why wouldn’t a simple blue check mark be difficult? The new feature was introduced last month and, on the surface, looks like a great idea. Show that the sender of an email is who they say they are.
Google's Email Encryption Efforts are Little More Than Window Dressing Until Laws are Changed
A couple of days ago Google started pushing encryption for e-mail. No, we are not talking about the typical https connection required for Gmail. We are talking about actually encryption of email as it moves from server to server using TLS (Transport Layer Security). In simplest terms this method creates connections between servers using a secure tunnel to each other for the purposes of transmitting the message. Once the message has been passed to the destination server the tunnel closes. However, despite the length of time TLS has been around not many companies use.
New update for Android version of Gmail
Users who do not want or simply do not have enough room on their Android devices for attachments that they received via Gmail service, can now save their attachments via new options. The new version of the Gmail application for Android devices will be able to directly store attachments received via Gmail in Google's data storage service - Google Drive.
Gmail is testing a new interface
A few users noticed that Google is testing a new interface for its popular Gmail service. Good people from Geek.com have snagged a few screenshots from the test phase of the new website, and have shared them with the public.
Improved Gmail for Android
Users of Gmail Android app until now could sent as an attachment only photos and videos, but with the new version 4.7 Google has finally allowed sending of other file types. The new version of Gmail allows sending of zipped files which can also now be downloaded directly to the Android device.
Google and Amazon Drop Offline in the Same Week...
In life, there are many things that we all take for granted. These are everyday things that always just seem to be there and are only conspicuous when they are absent. In the last week two of these items have shown that they are not as enduring as many might have thought. Google and Amazon have both had major outages to their services that impacted internet traffic. These two mysterious outages have caused some concern about the reliability of both companies as well as the possibility of a larger issue (perhaps a potential attack). However, neither Google nor Amazon are coming clean about these incidents making many even more nervous.
Google Says Gmail Users Have No Reasonable Right to Privacy
Google has made the statement that users of Gmail not only have consented to any electronic snooping and scanning of their communication, but have no reasonable expectation that their mail will remain private anyway. The revelation comes through a brief filed by Google to dismiss a data-mining suit against them. In it they describe the act of sending email through their services as if you are handing your letter to someone else. They seem to forget that letters are processed by the post office (or other carrier) and during transit cannot legally be opened. This makes the analogy very inaccurate indeed.
Google's second quarter
Google has announced their financial results for the second quarter of 2013. They reported total revenues of $14.11 billion (an increase of 19% compared to the same period last year), of which $12.1 billion came directly from advertising services. Operating profit was also impressive, $3.23 billion U.S. dollars, compared to 2.79 billion from the last year.
Gmail introduces inbox tabs
As they say on Google's official blog, every day our inboxes are bombarded with different types of emails - messages from friends, notifications from social networks, newsletters, automated email which serve to confirm the registration on a web site, etc.
Gmail forces switch to a new message editor
Google wants to force all new users upgrade to the new (well, now is not so new) message editor in Gmail. For those who have not (willingly) switched to the new editor, in the next few days they will be moved to a new editor force, if they have not already. During that transfer Gmail will walk them through a short course where they explain where they can found all the things they use.