Sean Kalinich

Sean Kalinich

New Tech, Stale Tech, and the Diminishing Security Skill Set
Published in Editorials

Although not a new subject here at DecryptedTech we thought it was time for us to dive into three of serious issues in the security world (out of many). The three we are covering today are emerging technologies, stale technologies and how the security, and IT, skill set seems to be diminishing. All three are cause for concern and often seen as at least contributing factors in breaches. What make this more interesting is that in many cases the three are connected.

When updates go wrong, horribly wrong
Published in Editorials
Monday, 04 February 2019 12:07

When updates go wrong, horribly wrong

When you think about operating system updates you probably do not think about the security team. Sure, there are security patches and such, but those are on the operations team and not really pushed out by the security team. Well, that is when they are done properly by the OS vendor.

We take a look at the Pico Pro Home Brewing Machine
Published in Gadgets

Technology has brought us a ton of interesting and fun devices. We have smart phones, Smart TVs, Wireta… I mean home personal assistants and even home automated brewing systems. The latter is going to be the subject of our review toady. The concept of home brewing is not new at all. People have been spending lots of money to boil grain (and adding hops) to ferment it into the magnificent substance we call beer. However, boiling grain and inserting hops into your different mash stages can be both boring and time consuming for many. Enter IoT and the concept of the connected device. Beer enthusiasts realized that they could use a certain level of technology to pre-program temperature, mash time, bittering etc. all into a computer and push that information to the cloud. There are a few products on the market that fit this bill, today we will be looking at one of the more popular and efficient systems, the Pico Pro. The Pico Pro is not new technology, but I felt it was time to take look at this from both a “it makes beer” and a technology perspective.

The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
Published in Gadgets

When Red Digital Cinema first announced they were looking to build a phone many people were very interested. The idea that the company who turned the world of cinema cameras on its head taking on the stagnant world of smartphones with mediocre cameras was a big one. Sadly, after the announcement there were significant delays for the new device. Happily, for the rest of the smartphone world, newer generations of cameras and camera software began to up their game on what we can do with our smartphone cameras. Still, this is Red we are talking about here, so despite these advances they were sure to have a significant product. If you read most of the “reviews” out there you would not think that was the case. Personally, I was not deterred by the reviews as most of them came off as incomplete. I decided to take it for a spin, but not a quick 15 minutes, but a 30-day plus test run including taking it around to get reactions from other people. So, with that in mind, let’s see what we found.

Dell and others move to disable Intel's Management Engine
Published in News

It seems that PC makers are not happy with the Intel’s Management Engine (IME) and the flaws that keep being found in it. The original flaw allowed attackers a clean way to compromise a system including uploading malware and exfiltrating data. This could be done in a way that bypassed most security systems and even allowed for tampering with the UEFI BIOS if the attacker was sophisticated enough. To their credit, Intel did warn people and manufacturers about this and patched it fairly quickly. The problem is, now that the cat is out of the bag about one flaw; there are sure to be more.

Root7 Pink Himalayan Salt Shot Glasses Up on Test Bar...
Published in My Ramblings

Every now and then, we get a chance to take a look at something that is a little outside of the tech world. A few months ago as I was contemplating a vlog series entitled “Bits, Bytes and Beer”; we received a very cool package in the mail. It was a set of shot glasses made from Himalayan Pink Rock Salt. It seemed a very fortuitous product to hit our lab and one that we certainly want to go into detail on now. So, let’s take a quick look at the Root7 Pink Himalayan Rock Salt shot glasses.

Voice is an often overlooked big threat vector as phone fraud rises – part I
Published in Shows and Events

Def Con 25, Las Vegas, NV –
Your phone rings and you check the number as a precaution against marketing calls and it looks like it is from your office. The voice on the other end says that there is an issue on the network and they need your assistance to troubleshoot. The person is calm, friendly and helpful so you agree to assist. By the time it is all done you have in advertently given away vital information about your network to a potential attacker.

Illusive Networks says that deception everywhere is the way to go
Published in Shows and Events

Black Hat 2017, Las Vegas, NV -
When an attacker gains a foothold in a network the first thing they need to do is learn the lay of the land. They have done some research on the target to gather information about possible systems they might encounter. In reality, they do not truly know what is going on. They are likely to have hit an exposed system with little true access into the good parts of the network. They are going to need to check shares, network connections and also scrape memory for and stored credentials. With these in had they begin the process of moving around the network and building their map of the target environment.

CloudPassage Looks to secure your entire cloud infrastructure
Published in Shows and Events

Black Hat 2017, Las Vegas, NV -
The cloud has become one of those buzz words that people like to use when they want you to put your data or workloads on someone else’s computers and network. Amazon Web Services (AWS), Microsoft Azure, and some lesser known systems. The problem is that once you put your information into their network there is a lot that you have to do to ensure that your information or workloads are secure. Amazon, Microsoft and others are only going to take security so far for you and that leave you vulnerable.

Vera jumps into the document control market with both feet
Published in Shows and Events

Black Hat USA 2017 – Las Vegas, NV
Three years ago we talked with a company that had something of a change in thought process on how to protect your data. Instead of building bigger walls they wanted to make the items behind those walls unusable to anyone that did not actually have access to them. This year at Black Hat we have talked with multiple companies that have the same, or a similar idea. One of the companies we talked to about this is Vera. Vera is another in a growing group of companies that understand that the traditional security posture is just not enough.