Secure Infrastructure in the distributed workplace Featured
Written by Sean Kalinich
There was a time when the thought of secure infrastructure would bring items like properly configured IDS/IPS, firewalls, switches, and routers with hefty ACLs and 802.1x to mind. However, after Covid, and even a bit before, the traditional walled layout of business network design was starting to become outdated. Remote workers and BYOD meant that not everyone could shelter safely inside the castle walls (not that they were safe before). IT and security teams now had a much bigger area to observe and protect. The task becomes harder; much, much harder, but not impossible. The tools change, and how you deploy, monitor, and update these tools also changes. Let’s look at how to expand the concept of secure infrastructure into the modern distributed workforce.
All-in Vulnerability and Risk Management Featured
Written by Sean Kalinich
It is a common belief that vulnerability management is nothing more than scanning and patching. However, as we have seen in many breaches and attacks, this is far from true. Vulnerability management is about understanding your organization and the risks it faces. Risks that an organization faces can include insider threats, public exposure, data leakage, improper configurations or safeguards, data integrity models, and quite a bit more. It is not enough to simply scan with a specific flavor of vulnerability scanner; it is a much larger effort and requires buy-in from every team and person in an organization.
Cylance PROTECT and the mystery of Script Control Featured
Written by Sean Kalinich
As the title implies, we will be talking about Cylance PROTECT (now wholly owned by BlackBerry). Our focus will not be on the inner workings, or any type of vulnerability. Our focus today will be all about PROTECT’s script control function and why many people do not enable it. If this sounds like a fun read, then you might be one of those security admins who have beaten their heads against the wall figuring out just how to get this working right in their environment.
Vendors - once again - rule the security world, especially in Health Care Featured
Written by Sean Kalinich
It seems that it is time once again to talk about the relationship between software vendors and the security posture of different business verticals. Why are we beating this particular dead horse? Well, with the Covid-19 pandemic, the rush to shift to a remote workforce, and an increase in attacker activity aimed at the remote workforce and healthcare, you would think that there would be an increased level of effort to fix vulnerabilities in remote access and healthcare services software. If you thought that, you would be wrong. Instead, during this time, we are seeing more software vendors pushing FDA as law and healthcare organizations even refusing opportunities to patch critical software. This is on top of an extremely slow response to threats to the remote workplace.
As Work from Home Increases with COVID-19 Cases are We Looking at a Playground for Threat Actors? Featured
Written by Sean Kalinich
In December 2019 a new virus was detected in Wuhan, China. This virus (COVID-19 or the Coronavirus) has spread rapidly throughout China and the rest of the world. With its apparent ease of transmission and difficulty in detecting (early stages can look like the flu), many companies are looking into allowing employees to work from home more in an effort to slow down the spread of this potentially deadly virus. The question is, are these companies really ready to have so many people connecting in from home, or are we potentially opening up a massive hole that threat actors are bound to exploit?
With More and More Hardware Flaws Found, How Will the Security Industry Respond? Featured
Written by Sean Kalinich
The IT security industry has spent billions of dollars on software to keep you “safe” from malware and attackers. Whether that money was spent on marketing or actual product improvement is up for debate. Still, the fact remains that each year we hear about new advances that can keep you and your systems safe from malware and/or threat actors. Almost all of these systems rely on software to do their job and in most cases cannot even see beyond the OS they reside on. This focus has caused the development of a massive blind spot: hardware-based attacks.
New Tech, Stale Tech, and the Diminishing Security Skill Set Featured
Written by Sean Kalinich
Although this is not a new subject here at DecryptedTech, we thought it was time for us to dive into three serious issues in the security world (out of many). The three we are covering today are emerging technologies, stale technologies, and how the security, and IT, skill set seems to be diminishing. All three are cause for concern and are often seen as at least contributing factors in breaches. What makes this more interesting is that in many cases the three are connected.
When updates go wrong, horribly wrong Featured
Written by Sean Kalinich
When you think about operating system updates you probably do not think about the security team. Sure, there are security patches and such, but those are on the operations team and not really pushed out by the security team. Well, that is when they are done properly by the OS vendor.
We take a look at the Pico Pro Home Brewing Machine Featured
Written by Sean Kalinich
Technology has brought us a ton of interesting and fun devices. We have smart phones, Smart TVs, Wireta… I mean home personal assistants and even home automated brewing systems. The latter is going to be the subject of our review today. The concept of home brewing is not new at all. People have been spending lots of money to boil grain (and adding hops) to ferment it into the magnificent substance we call beer. However, boiling grain and inserting hops into your different mash stages can be both boring and time consuming for many. Enter IoT and the concept of the connected device. Beer enthusiasts realized that they could use a certain level of technology to pre-program temperature, mash time, bittering, etc. all into a computer and push that information to the cloud. There are a few products on the market that fit this bill; today we will be looking at one of the more popular and efficient systems, the Pico Pro. The Pico Pro is not new technology, but I felt it was time to take a look at this from both an “it makes beer” and a technology perspective.
The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out Featured
Written by Sean Kalinich
When Red Digital Cinema first announced they were looking to build a phone many people were very interested. The idea that the company who turned the world of cinema cameras on its head taking on the stagnant world of smartphones with mediocre cameras was a big one. Sadly, after the announcement there were significant delays for the new device. Happily, for the rest of the smartphone world, newer generations of cameras and camera software began to up their game on what we can do with our smartphone cameras. Still, this is Red we are talking about here, so despite these advances they were sure to have a significant product. If you read most of the “reviews” out there you would not think that was the case. Personally, I was not deterred by the reviews as most of them came off as incomplete. I decided to take it for a spin, but not a quick 15 minutes, but a 30-day plus test run including taking it around to get reactions from other people. So, with that in mind, let’s see what we found.
Dell and others move to disable Intel's Management Engine
Written by Sean Kalinich
It seems that PC makers are not happy with Intel’s Management Engine (IME) and the flaws that keep being found in it. The original flaw allowed attackers a clean way to compromise a system, including uploading malware and exfiltrating data. This could be done in a way that bypassed most security systems and even allowed for tampering with the UEFI BIOS if the attacker was sophisticated enough. To their credit, Intel did warn people and manufacturers about this and patched it fairly quickly. The problem is, now that the cat is out of the bag about one flaw, there are sure to be more.
Root7 Pink Himalayan Salt Shot Glasses Up on Test Bar... Featured
Written by Sean Kalinich
Every now and then, we get a chance to take a look at something that is a little outside of the tech world. A few months ago, as I was contemplating a vlog series entitled “Bits, Bytes and Beer”, we received a very cool package in the mail. It was a set of shot glasses made from Himalayan Pink Rock Salt. It seemed a very fortuitous product to hit our lab and one that we certainly want to go into detail on now. So, let’s take a quick look at the Root7 Pink Himalayan Rock Salt shot glasses.
Voice is an often overlooked big threat vector as phone fraud rises – part I Featured
Written by Sean Kalinich
Def Con 25, Las Vegas, NV –
Your phone rings and you check the number as a precaution against marketing calls and it looks like it is from your office. The voice on the other end says that there is an issue on the network and they need your assistance to troubleshoot. The person is calm, friendly and helpful so you agree to assist. By the time it is all done you have inadvertently given away vital information about your network to a potential attacker.
Illusive Networks says that deception everywhere is the way to go Featured
Written by Sean Kalinich
Black Hat 2017, Las Vegas, NV -
When an attacker gains a foothold in a network the first thing they need to do is learn the lay of the land. They have done some research on the target to gather information about possible systems they might encounter. In reality, they do not truly know what is going on. They are likely to have hit an exposed system with little true access into the good parts of the network. They are going to need to check shares, network connections and also scrape memory for any stored credentials. With these in hand they begin the process of moving around the network and building their map of the target environment.