From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 689 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1569 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1103 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 1074 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2123 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1842 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2114 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2091 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1879 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116518 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87453 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 82009 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80320 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70967 times Read more...
Did Intel Repond to Threadripper, or just to Ryzen in General?
Written by Sean KalinichComputex 2017 is done, the hangovers are pretty much gone, and what do we have to show for it? Well… we have a new fight for fanboys and review sites alike to talk about. This is the fight between AMD’s Threadripper and Intel’s New X series CPUs. The crux of the argument is that Intel’s 18 Core i9 with 44 PCIe lanes is a reactionary move to a leak of Threadripper’s specifications.
This is going to be a little bit of a departure from how we would normally approach covering specific technology. Instead of addressing the state of hardware based on what we have actually worked with, we are going to look at VR from the standpoint of a consumer looking to buy for the first time. There are a couple of reasons to do this; the first is that we do not have either an Oculus Rift, HTC Vive or any other PC based VR technology. We do have the Oculus powered Gear VR, but that is in a category all on its own which we will cover in some detail below. So with the preface out of the way, let’s get started
AMD Drops the Ryzen based Threadripper CPU on Computex
Written by Sean KalinichEarlier today, we talked about Intel’s response to AMD’s Ryzen success so we thought we would give some love to AMD as well. Although we are not out at Computex (again) we are still getting news from different manufacturers. We are also getting information from a few people that are in the sweltering heat…. Oh yeah; back to talking about AMD’s response to Intel’s Core i9 X-series.
Intel Launches the new X-Series at Computex 2017
Written by Sean KalinichWith Computex going on there has already been lots of news hitting the street about new PC gear. Everything from GPUs, Laptops, Cases, overclocking world records, you know the stuff. We have also heard that Intel has kicked a new series of CPUs out the door. These are their “X” series of CPUs and are pretty much a direct response to the performance that AMD’s Ryzen has shown off.
Conumers have a blind spot when it comes to IoT and Security
Written by Sean KalinichThe Internet of Things, or IoT, Connected Devices, Smart devices whatever you want to call them have become a fixture in most homes. It has gotten to the point where you have to look hard to find a device that is not “Smart”. Manufacturers love to push the marketing term smart onto the consumer as it becomes a value add proposal; hey this can do all of this and you can control it using your phone from anywhere. What they do not disclose is exactly how insecure these devices are and how much privacy you can end up giving up just by having them in your home.
Since the ATi purchase AMD has struggled with trying to compete in the CPU market. They have tried many different strategies and approaches. One even included distancing themselves from the performance market and focusing solely on mobile. This disastrous strategy did not work out well and led to a string of APUs that performed well when it came to graphics but had some serious performance issues when it came to traditional compute work. Now AMD is attempting to position themselves back in the enthusiast space with a new strategy and a new architecture.
Product Testing for Security Tools Must Change or Things Will Go From Bad To Worse
Written by Sean KalinichIf you have been paying attention to the technical news lately you might have noticed more than a few articles pointing fingers back and forth between the AntiMalware company Cylance and the… well the industry. The argument (if you have not already read about it) goes something like this; the big AV/AM companies are accusing Cylance of stacking the deck in their favor when they demo their product against the competition. Cylance, for their part, claims that they provide a realistic test in comparison to what is usually done when it comes to AV/AM testing. Both sides have their points and it calls into question something that exists in all levels of the technical press and testing bodies; real world vs scripted testing.
Qualys talks to us about getting a handle on security and feature parity in the cloud
Written by Sean KalinichBlack Hat 2016, Las Vegas, NV
We had the chance to sit down with Chris Carlson, vice president of product management for Qualys and talk a little about what Qualys is up to and where they are moving to in the security market. For many Qualys is a name that brings vulnerability management and reporting to mind. This is due to the fact that this has been their bread and butter for a number of years. Now they are moving into new verticals in the market to expand on their knowledge in this arena. One of the highlights of the talk was in coving their Cloud Agent which brings a whole new set of features to the Qualys product line.
We meet Venafi's Tammy Moskites to see what has changed about trust in a year
Written by Sean KalinichLast year at Black Hat we had an interesting conversation with Tammy Moskites from Venafi. Although Tammy is both the CIO and CISO of Venafi the conversation did not focus on that company or the product as a whole. Instead we talked at length about trust and controlling the keys to data and devices. This conversation is still a very important one as continue to see attacks and vulnerabilities in the systems that control access to and the encryption of important data.
Cymmetria shows us a new type of deception at DEF CON using MazeRunner
Written by Sean KalinichDEF CON 24 - Las Vegas, NV
The term Honey Pot is one that most people are very aware of. It is a form of detection that is designed to lure an attacker into targeting a simulated system so that you can identify their techniques and tools. Honey pots have been used to gather intelligence about bot nets, malware in the wild and many other forms of malicious activity. The problem now is that these simulated systems are very easy to identify and avoid by today’s advanced attackers.
More...
AMD shares up after licensing moves and Radeon success
Written by Sean KalinichIt seems that AMD’s recent licensing moves and the press that Zen has been getting has given investors more confidence in the company. On Friday this confidence pushed AMD’s share price by almost 10% at $6.18 (the 52 week high) of this writing AMD’s share price has dropped some, but is still up by a little more than 5% ($6.14). Some have seen this as proof that AMD is going to have a comeback soon and that Intel should be very worried.
These days it is not unheard of for something as simple as a printer to have all sorts of bells and whistles. You can find wireless, remote file access, remote (web) printing and more. These devices also have very advanced controls that are often accessible through a web interface. All of this technology can be had for very little money making advanced printers a common thing in the market. The downside? Well there is also very little security in these products. Walking through a business the other day with my WiFi sniffer on I found multiple, unprotected wireless networks screaming at me to join. Without exception these were all printers connected to the company’s network. All easy prey if I was up to no good.
The FBI hides collection of Iris information by local law enforcement since 2013
Written by Sean KalinichIn the last week the world saw what appeared to be another attempt to violate privacy by government law enforcement. In this case the FBI opened a “pilot” program to capture iris imprints for a searchable database. To date they have captured more than 400,000 of these imprints. The major concern here is that there was (and remains) no public debate, or oversight on the program. The program stands on its own outside the many restrictions that protect privacy and also other rights that people have. Well at least that is how things look on the surface. We took a little bit of a deeper look and tried to peel away some of the FUD and hype over the collection.
SVET Working on product to bring healthy light into our lives
Written by Sean KalinichWith the rise of the crowd funding the consumer electronic world has been given an interesting kick in a new direction. We are now seeing some very interesting tech from companies that we might never have heard of if it were not for crowd funding. This has both good and bad consequences, although the good do outweigh the bad at this stage. One item that was brought to our attention is SVET. If you are not familiar with SVET is it a new type of lighting technology that claims it is healthier than any other light in use.