From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 655 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1544 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1087 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 1049 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2107 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1825 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2097 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2073 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1854 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116500 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87421 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 81970 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80288 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70938 times Read more...
Microsoft Says Ads in Windows 11 File Explorer Were Not Meant for Us to See
Written by Sean KalinichYesterday we reported that insider builds of Microsoft’s Windows 11 were displaying ads for other Microsoft services inside File Explorer. Like most people, we felt this was not a good thing and the news went around the internet at a pace typical of things that are bad. In response to this Microsoft release a statement saying, “This was an experimental banner that was not intended to be published externally and was turned off,” Basically the marketing equivalent of a 5-year-old saying they got the cookie for you.
Phishing Campaign Targeting Ukraine uses Fake AntiMalware Update
Written by Sean KalinichUkrainian Security Officials are warning of an active phishing campaign. The campaign involves emails that impersonate government agencies and include links to what appear to be critical security updates. The payload of the campaign delivers Cobalt Strike and a few other things to complete the set and compromise the computer.
Microsoft Testing Ads in File Explorer as Part of Preview Builds of Windows 11
Written by Sean KalinichMicrosoft, famous for bad marketing moves, is looking to make another one. In this case the mistake has not hit the general public but is in a preview build of Windows 11. The mistake is shoveling ads to people for other Microsoft products as part of the Windows File Explorer. To say that this move caused some concern with testers is a bit of an understatement. Some even called it “one of the worst places to show ads”
The Slippery Slope of Censorship Happening Around the Russian Invasion of Ukraine
Written by Sean KalinichThe internet is a great thing. It has allowed peoples of different nations and geographical locations to meet, talk, share information and ideas. The massively connected world we live thanks to the internet is one where information of all kinds is literally at our fingertips. Hovering over all these good things has always been the shadow of censorship, control and digital spying. It has also given rise to crime on a massive scale, multiple new types of bullying, harassment, and assault. Still the idea of massive censorship and information control is one that most would agree is a bad thing.
Why the ZuckerVerse is not the Wonderful Thing Some Might Think it is
Written by Sean KalinichThe concept of an immersive virtual reality world is one that is often talked and written about. It also has been the subject of several movies. When it is the topic of books and movies, it is rarely a good thing. So, when we hear about the creation of a fully immersive world, we view it with a healthy bit of skepticism. Especially when the person behind it is Mark Zuckerberg and his company, Facebook. You might ask why, and there is an easy answer. Facebook ceased being a communication platform a very, very long time ago and is now nothing more than a way to collect information and push ads.
DuckDuckGo Makes Changes after Increased Pressure from US Lawmakers
Written by Sean KalinichDuckDuckGo, the privacy-focused search engine and browser company, has come under a lot of negative press recently and now are facing pressure from the US government. They have already been labeled as a search engine for “conspiracy theorists” by many media outlets despite not really catering to any one group of people. The reality of the search engine is that it is attractive to people that are not happy with increased data collection from groups like Google, Facebook, and many, many others. A benefit of this is that, until now, DuckDuckGo has also not altered or censored search results based on current political motivations or narratives.
New Report Shows WordPress Sites leave 30% of Critical Vulnerabilities Unpatched.
Written by Sean KalinichEmotet’s Comeback Shows no Sign of Slowing as Bot Number Exceeds 100,000
Written by Sean KalinichEmotet, (not to be confused with Imhotep the ancient Egyptian Polymath) was originally identified in 2014 and quickly became one of the top threats of the decade. After an early start as a banking trojan, the group amassed a huge number of bots that it was able to leverage to execute attacks on targets. This bot infrastructure was then sold as a service to other groups as part of a malware-as-a-Service model. The prevalence and reach of Emotet was enough that in early 2021 the global law enforcement and cyber security community targeted Emotet’s infrastructure and people that had been identified as part of the group. It was a significant hit to the organization.
16 New Vulnerabilities Found in HP UEFI Firmware Implementations by Binarly
Written by Sean KalinichThe Security Group Binarly has disclosed 16 high-severity vulnerabilities in different implementations of UEFI firmware in HP Enterprise devices. The list of affected devices includes Laptops, Desktops, POS (point-of-sale) and edge computing nodes. The vulnerabilities range in severity from 7.5 to 8.8 putting them square in the high-severity range. The discovery also may affect additional manufacturers via a reference code match that has led to AMD’s firmware driver (AgesaSmmSaveMemoryConfig). This AMD reference code means that some vulnerabilities may exist across the entire computing ecosystem.
Another Linux Kernel Bug Found that can allow an Unauthenticated user Root Privileges
Written by Sean KalinichLinux, often thought of as a more secure alternative to Microsoft, has not had an easy year. We have seen vulnerabilities that affect the iSCSI subsystem, the Extended Berkeley Packet Filter, the Polkit pkexec component bug and now two Kernel bugs. The latest one, dubbed “dirty pipe” It is a method that could allow a “local” user to overwrite read-only files including SUID flies.
More...
Supply Chain Vulnerabilities Found in 150 Devices Spanning Multiple Industries Dubbed Access 7
Written by Sean KalinichSupply chain attacks are always a concern when it comes to device manufacture and distribution. If an attacker can compromise a part of the supply or management chain, they can affect a large part of the market with relatively minimal effort. The SolarWinds supply chain attack is a perfect example of this type of attack that successfully compromised multiple businesses with only one real “attack”. Now security researchers have disclosed a new group of vulnerabilities in PTC’s Axeda software that allow them to attack the devices after distribution.
Google Announces Plans to Buy Mandiant for $5.4 Billion in Cash
Written by Sean KalinichIn early February, rumors about a potential acquisition of Mandiant by Microsoft started to circle the internet. The response was not positive with many feeling that it was allowing the fox to run the chicken coop. Although unpopular the rumor did make sense on a few levels. However, regardless of whether the rumors were true or not, Microsoft is not buying Mandiant; Google is. Yes, Google is scooping up Mandiant for a cool $5.4 Billion.
Samsung Confirms Breach and Theft of Source Code
Written by Sean KalinichEarlier today we reported that the same group that hit NVIDIA and stole source code along with employee logins also hit Samsung and stole around 190GB of source code data related to how galaxy mobile devices operate. The data, according to the Lapsus$ group, covers the bootloader for the trust zone and trusted apps, how galaxy devices encrypt data and other code operating fundamentals.
Firefox Users Urged to Update to Version 97.0.2 over two Use After free Vulnerabilities Found Exploited in the Wild
Written by Sean KalinichMozilla is urging users to update to the latest version of Firefox after two vulnerabilities (CVE-2022-26485 and CVE-2022-26486) have been found to be actively exploited in the wild. Both vulnerabilities are listed as use-after-free vulnerabilities. This type of vulnerability relies on issues in determining which part of an application is responsible for cleaning up used memory. By leveraging this an attacker can set up a situation where they can re-use a part of memory that was freed up by a legitimate process.