From The Blog
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 711 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 348 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 700 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 515 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 643 times Read more...
-
Leaked Data from Duolingo incident Shows US is most Impacted
Written by Sean KalinichDuolingo, is a language learning site (not to be confused with an LLM) and has a very large base of users. The site is a…Written on Tuesday, 29 August 2023 19:12 in Security Talk Read 1064 times Read more...
-
We talk about the Ransomware Threat Landscape with SecureWorks at Black Hat 2023
Written by Sean KalinichBlack Hat 2023 – Las Vegas, NV – One of my personal focuses is understanding the “Why” behind changes in the threat landscape. In simple…Written on Tuesday, 29 August 2023 18:26 in Security Talk Read 573 times Read more...
-
Now Patched Flaw Leverages Abandoned Reply URL found in Entra ID allows for Privilege Escalation
Written by Sean KalinichMicrosoft has not been having the greatest of months. First it was identified that a stollen MSA signing key was used by a Nation State…Written on Monday, 28 August 2023 15:39 in Security Talk Read 1290 times Read more...
-
Qrypt Looking to Attack the Inefficiencies in Quantum Encryption to make Quantum Secure Communication a Reality Today
Written by Sean KalinichBlack Hat 2023, Las Vegas – At Black Hat one of my favorite things to do is see what the latest buzzword(s)/phrases are. One of…Written on Monday, 28 August 2023 12:53 in Security Talk Read 787 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 115430 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 85199 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 79535 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 78507 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 68346 times Read more...
Understanding How, and When, to Spend on Cybersecurity is a Lost Art
Written by Sean KalinichOne of the things that has always confused me is how often a business will look at and spend on revenue generating and very little on revenue maintenance. Every budget year you see money thrown at expansion, new tools or software that bring in more money and I get it. You have to earn to keep the lights on. However, you also need to ensure that you can keep what you earn. Think about it like this, if you have a business and it only takes cash you would not just leave the cash laying around for anyone to take. No, you would invest in a secure place like a safe to keep it. This concept also involves modern “digital” businesses, but we just are not seeing them spend any money on the safe.
Try2Check Dismantled by Authorities, $10M Reward Posted for its Creator
Written by Sean KalinichThere you are doing your stollen credit card number shopping, like you do every Sunday. You come across a big batch of them, and the deal seems good. How do you know these things are real? I mean this isn’t exactly Amazon with reviews and a return policy. This is a dark web marketplace. The answer to your dilemma is to use a card checking service. One of, if not the, most popular services on the darker side of the web was Try2Check. I say was since this system was taken down by the US Government this week in what has been described as a multi-national operation.
The other day while wading through the sludge that is the internet, I stumbled across a poll on Twitter asking the binary question “Who do you trust more with AI; Bill Gates or Elon Musk?” This led to a fun few hours diving deeper into that particular rabbit hole. I stumbled across articles where Bill Gates talks about AI via interviews as well as some interviews of Elon where he disparages Gates’ grasp on AI. Like I said, fun.
Double DLL Sideloading, it’s a Thing as Attackers Grow More Sophisticated
Written by Sean KalinichDLL sideloading is a common technique for attackers to use when getting their malware in place and has been in use since around 2010. Simply put your malicious DLL in the same directory as the application and Windows in all its helpfulness loads it first instead of the legitimate one that might be in another directory. This method is also referred to as DLL search order hijacking. With the age of this technique and advances in EDR/MDR its usefulness has decreased.
Level Finance Crypto Finds Out Passing an Audit is not Security the Hard Way
Written by Sean KalinichThere is an old adage that says compliance is not a substitute for security. You can check all the compliance check boxes, pass audits, and still end up with an insecure environment. Level Finance Crypto found this out the hard way after they were hacked due to a vulnerability in how some of their smart contracts were set up, despite passing more than one IT Security Audit.
ChatGPT Might get a Private Option for Business According to Microsoft
Written by Sean KalinichA recent incident where ChatGPT users at Samsung unknowingly exposed sensitive data via ChatGPT has raised concerns in multiple industries. The banking and finance industry saw several companies put a stop on the use of ChatGPT and certain regulators began investigating how its use could leak PII, or other financial information. To combat this new obstacle to business adoption, Microsoft is looking to offer a private business model which would exclude user input from being used to train the LLM.
The Dangers of AI; I Think I Have Seen this Movie Before
Written by Sean KalinichIf you are a fan of science fiction movies, then you have probably seen multiple movies where an AI (Artificial Intelligence) has gone mad and decided that humankind needed to be eradicated. Everything from the Terminator series, through to the Matrix warns us of the dangers of creating something that is smarter and more powerful than ourselves. Of course, these are works of fiction, but they do represent an understanding of humankind’s hubris when it comes to creating artificial intelligence.
T-Mobile’s History of Data Breaches Comes up as the Second Breach of 2023 is Announced
Written by Sean KalinichT-Mobile has disclosed their second breach of 2023. According to the mobile provider a threat actor gained access to their systems in February and was not detected until March. This allowed the attacker access to a small amount of customer data, 836 records. T-Mobile is stating that the data did not contain financial information, but it did contain enough Personally Identifying Information (PII) that the affected customers are exposed to identity theft.
Over Regulation and the Laws of Diminishing Returns in Cybersecurity
Written by Sean KalinichAlthough not a new story the recent revelations around the CFPB (Consumer Financial Protection Bureau) data breach are very important. This incident is one of those times when you can either learn an important lesson, or you can ignore it and walk into a much bigger shitshow. The outcome of this one is something that only time will tell, but it is not something that anyone should just ignore.
Black Hat 2022, Def Con 30 and the Return to Vegas
Written by Sean KalinichAfter a three-year absence from Hacker Summer Camp, I finally returned to Vegas. Two of those years were related to Covid of course. However, three years is a long time to be out of the environment and the craziness that is both Black Hat and Def Con. To say I was excited to return to Vegas and everything that both cons have to offer would be an understatement. Both cons have their place in what I do here at DecryptedTech, but it was more than just the articles and conversations about security that I enjoy, it is getting to catch up with people I only see during the con and also the prospect of meeting new people and developing new relationships.
More...
Attackers are Actively Exploiting Recent Vulnerabilities Found in F5 BIG-IP
Wiley SikesThis one goes in the “this is why patching is important” file and highlights the need to be able to quickly apply patches for critical flaws found in different devices and software. After the disclosure of a critical vulnerability tracked as CVE-2022-1388 (CVSS 9.8) that was identified in multiple versions of F5’s BIG-IP operating system complete with patches last week. We have already seen researchers develop POC code for it and now hear that attackers are actively exploiting the flaw in the wild.
New Advanced Fileless Malware Found Using Windows Event Logs
Written by Sean KalinichWhen most people think of malware, they think of binaries that are downloaded to a drive and executed. However, that is only part of the malware world. The other side does not actually download the malicious binary directly to the drive and often injects it directly into memory though the use of scripts. The name fileless is a bit of a misnomer as there are always files to be found in different stages of the attack, it is more to the point that much of the malicious work is doe through injection of code into legitimate processes without the need to write much of it to disk.
Ukrainian Hacktivists Hit Russia Where It Hurts, Alcohol.
Written by Sean KalinichIts seems that the efforts of Ukrainian hacktivists have decided to focus their efforts on a new and interesting target. In addition to other strategic targets, they have gone after one of the central portals for Russian alcohol distribution. The attack is currently manifested in the form of a distributed denial of service attack(s) targeting the portal to render it inaccessible. This means that distillers and distributors of alcoholic beverages are not able to get their products into consumers hands.
Another Bug Found in Android, This One Actively Exploited
Written by Sean Kalinichin the wild. The patch for this bug is one of 37 that are part of the monthly security release which covers multiple components in the popular mobile OS. This comes at a time when mobile banking malware is on the rise and there are also concerns around threat groups targeting phones to compromise them for use in MFA request responses.