DecryptedTech Feed (3878)

Wednesday, 16 August 2023 14:38

Hacker Summer Camp 2023 Recap and My Thoughts

Las Vegas – So Black Hat 2023 and Def Con 31 have come and gone, and while the exhaustion that comes from this epic combined event might not be completely gone, I am ready to give my thoughts on the…
As we head into Hacker Summer Camp in Las Vegas, the emails are already flowing freely into my inbox. Some of them are the regular players that I see every year and others are new. Still more are people that…
Hey, remember that supply chain attack on NPM that happened recently? Which one? Yeah, that is sort of the problem with recent supply chain attacks. In particular the ones that are targeting the development pipeline. This is because they are…
If you look at common attack vectors and especially Initial Access Broker attacks, there are a few parts of the attack chain which stand out. These are the pivot through some form of communication/collaboration app to the phishing landing page.…
Using a famous idiom, it looks like the shoe is on the other foot as BreachForums has found themselves the victim of a data breach and release of data. The breach took place in November of 2022 and culminated with…
Supply chain attacks are all the rage right now (although certainly not new). These attacks are part of what appears to be a multi-pronged shift in the threat landscape. While attacks on the endpoint and users are still happening, we…
After a recent attack on Federal Civilian Executive Branch (FCEB) Agencies by an APT (Advanced Persistent Threat) group currently suspected of being a nation-state group from China, (whew that was a long start), it has come to the attention of…
When I was in the military, one of the things that I noticed was a massive reluctance to create new and unusual scenarios for war games. Instead, we always seemed to train for the last major combat theater. When going…
One of the most frustrating things is to sit in on a C-Suite meeting and hear the lofty strategic goals presented for the company and for cybersecurity only to have them torn to pieces when you explain what those goals…
One of the most commonly asked questions in cybersecurity is “where do I start?” This common question shows just how overwhelmed many organizations are when faced with the reality of the threats that are out there. From ransomware to business…
Last week Microsoft, the FBI, and CISA disclosed several attacks on Federal Civilian Executive Branch agencies and other targets of a campaign that appeared to be driven by a new threat group out of China. The attack we detected…
The UEFI (Unified Extensible Firmware Interface) was the replacement for the old BIOS (Basic Input Output System). It was intended as an improvement to the underlying systems on a motherboard (also called mainboard); the motherboard controls communication between all components…
It seems that an unnamed FCEB agency had their Outlook Web Access (Exchange Online) environment compromised by a new threat group that is currently being attributed to China. The attack and the group were disclosed by CISA and the FBI.…
If I have said it once, I have said it a thousand times; attackers are cunning. The adage that attackers are lazy has nothing to do with strategic, tactical, or technical knowledge. They understand the landscape and, in many cases,…
Driver Signing requirements in Windows is a feature that is intended to help prevent the Windows Operating system from being compromised through malicious software posing as legitimate drivers. The policy was implemented way back in early versions of the 64-bit…
It seems the Judge in the case involving the FTC, Microsoft and Activision Blizzard thinks that the FTC failed to reach a sufficient threshold to prove harm in a request for a preliminary injunction. To some this is cause for…