Something that I really thought I wouldn’t be hearing by now is “I bought a Mac because Macs don’t get viruses”. Unfortunately, I’m still hearing it and, unfortunately, it’s still not true. That said, a recently discovered piece of malware targeting the Apple / Mac platform offers a good opportunity to highlight a few important […]
Category: /dev/random
Attackers are leveraging legitimate file sharing sites to increase phishing effectiveness
We are seeing a new variation of phishing attack that’s leveraging a user’s trust in legitimate file sharing services (Dropbox and Egnyte specifically) to increase the effectiveness of their phishing campaigns. We have included similar techniques in a number of recent phishing engagements for clients and have seen a significant increase in the number of […]
Beware of redundant, state based “cyber crime” legislation
In Georgia, State Bill 315 was introduced in 2018 to criminalize unauthorized computer access. In addition to the two-page bill being overly vague and open to interpretation, unauthorized access was already criminalized by the Computer Fraud and Abuse Act (CFAA), a federal law. The bill was quickly passed by the House and Senate and, […]
Your data is already stolen, now what?
I read an interesting article from Bruce Schneier today that was basically a commentary on an equally interesting article from Brian Krebs about the recently disclosed Marriott breach. I’ve linked both articles below but wanted to highlight a couple of key points. Accept that you are vulnerable (your data has been, and will continue to […]
The best place to get started on the red team?
The blue team.
One question that I get a lot, whether it’s from students, current or hopeful IT folks or just curious folks who wonder how one gets into this line of work, is “How do / can I get started hacking?” or “How do / can I get started on the red team?”. I’ve heard tons of […]
More than 591,000 systems in the US available via Remote Desktop with only a username and password
What is RDP? Remote Desktop Protocol, or RDP, is a tool that many organizations leverage to allow users to access systems remotely. It’s built into all modern versions of Windows, is easy to enable, typically uses the same username and password used to access other systems (laptop, desktop, email, etc.) and offers a full desktop […]
Veracrypt v1.19 released and fixes multiple low, medium and critical risk vulnerabilities
Veracrypt, the open-source encryption software and successor to Truecrypt, has been updated to v1.19 to address vulnerabilities discovered in a recently completed code audit. The update addresses all critical, medium and low-risk vulnerabilities and workarounds have been provided for those vulnerabilities not yet addressed. The audit was completed against Veracrypt v1.18 and was completed on […]
Vulnerability Assessment or Penetration Test, which do I need (and why)?
When I meet people and tell them what we do (I usually lead with ‘Offensive Security’, that seems to be a real conversation starter), the conversation almost always ends up going something like “What is a vulnerability assessment, what is a penetration test, do I need one and, if so, which one do I need?” […]
Hacking a penetration tester
I just finished reading this article titled “Hacking a Penetration Tester” and made a few notes that I thought may be helpful to pass along. The basic premise of the article is that the author (Wesley McGrew) and his team were conducting a penetration test and found a Meterpreter shell that had been left behind […]
Hiding in plain sight, how attackers use your network against you
We’ve all seen the movies and television shows where ‘hackers’ use elaborate tools to break into networks and, once in, use more elaborate tools to move around undetected doing whatever they set out to do. It’s true, there are some pretty cool tools out there (a few noted below) but, as this article at Threatpost […]