From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 347 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1266 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 707 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 684 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 1904 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1388 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 1835 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 1597 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1604 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116250 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87093 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 81628 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 79995 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70409 times Read more...
Displaying items by tag: Privacy
TOR releases version 5.5 of the TOR Browser Bundle; bug fixes galore
Tor has pushed out a new version of its privacy enhancing Tor Browser Bundle. We are up to 5.5 now and, according to the Tor Project it is a full stable release. The update fixes a laundry list of bugs and also covers some usability issues that have been plaguing the software for some time. One interesting note is that they are finally working on blocking ways of fingerprinting users through different mechanisms (resolution, keyboard type etc.).
BMG wants Cox to give up personal information on suspected Pirates
The world of copyright and patents is one of ignorance, greed and just plain stupidity. This is, sadly, on just about all sides of the game. From the people complaining all the way to the judges asked to decide these cases. We have already talked (at length) about the fantasy math the copyright holders use in determining damage and the massive impacts on privacy that they want to further their causes, but now we area in a situation where they have “won” something that no one every should have even considered.
California Lawmakers push to ban the sale of encrypted smartphones
You would think that in 2016 the people in power would either understand technology, or would have been replaced by someone that does. Sadly, this is not the case in… well just about every place there is an elected official. Over the past few years we have seen some very stupid bit of technical legislation come over the wire. Everything from kill switches in smartphones to backdoors in software and encryption standards. All of the legislation proposed read like they were written by someone that has no clue about technology, but might watch a lot of TV… and bad TV at that.
CISA passes the Senate, opens the door to more abuse and fails to address security
Cybersecurity is a fairly common buzz word used in Washington these days. It is tossed around to scare people that are ignorant of the way computer systems work so that legislation that is exceptionally pro-corporate friendly and anti-consumer can be pushed through. The latest of these is the Cybersecurity Information Sharing Act. This handy little bit of law just passed through the US senate on the 28th (74 to 21) and allow corporations to share customer data with the US government and other companies without any consequences for doing so. This effectively removes any recourse customers or users have about the sharing of their personal information.
Privacy: it doesn’t mean what you think it means
The term privacy has come to mean a great many things in the last few years. To some the idea of privacy is being able to do or say certain things without the fear of anyone finding out. Most people like to know that what they do on their own time is their business. Where things get a little muddy is when people liken the desire for privacy with a desire to hide wrongdoing. This belief couldn’t be farther from the truth . It is not just that it is wrong, but it is also dangerous. To imply that anyone that wants to have privacy is somehow hiding something illegal sets a dangerous precedent. Keeping this mentality alive will allow for a further erosion of peoples’ rights and grants very worrying powers to agencies that are there to protect, not to oppress.
Florida Judge Says that an IP Address is not enough to prove piracy
If you have been following news about piracy, copyright, or indeed almost anything you will know that the copyright industry often employs some rather shady methods to get their way. One of the shadiest methods is the demand letter. If you are not familiar with this term let us explain (if you are bear with us): a demand letter is when a legal firm tries to tie IP addresses they have identified to actual ISP subscribers. They send large numbers of subpoenas to ISPs asking that they put the two together so that they (the law firm) can then send a settlement letter demanding money from the alleged pirate.
The problem with messenger applications... there really is no privacy and never was
There are many things that people take for granted in the world. Some of them are more than a little naïve while others are quite understandable. One of them is that the things we say or do in conversation are somewhat confidential. We do not expect our mail, phone or personal conversations to be listened to and by extension we feel that our online conversation are equally private. Sadly this is simply not the case and, in reality, it never has been.
New Browser Based Flaw Leaks VPN Users' IP Addresses
Privacy on the internet is a hard thing to achieve. For starters there are tons of companies that are very interested in what you do and where you go online so they can get you to buy things. On top of that there are the spying eyes of the government watching to make sure you are not a bad guy and storing all of this data in massive warehouses. This mass data collection seems to exist in every single device we own; from laptops to phone to smart TVs. It is enough to make someone paranoid, or at least to look for some form of privacy when connected to the internet.
New Windows 10 Technical Preview Hides a Keylogger This Time
As the world gets all excited about some of the new “features” in Windows 10 there are some in the press (and consumers) that are less than thrilled about them. We are talking about Cortana and some of the predictive typing tools and features that Microsoft has embedded and how they really work. On the surface the concept of predictive text and searches is a pretty neat idea. After you type something in, or search for a topic your system will build a small database of information to help you find those things again.
Judge Posner says the NSA should have unfettered access to your data
It would seem that some in the judicial branch of the US government feel that privacy is not really about protecting citizens from unjustified surveillance. They also do not seem to have any fear of the US becoming a place where the government has powers that extend beyond the ones granted by the US constitution. At least this is the opinion of one US Judge; Judge Richard Posner. The interesting thing is that Posner has made more than a few statements in favor of individuals including condemning the existing copyright system and the way that the copyright lobby is trying to enforce it.