I recently had a conversation about data protection, specifically protecting the confidentiality and integrity of sensitive data. Over the course of that conversation, realized that there is a LOT of confusion on the topic. How do we protect data? When does the data have to be protected? What constitutes protected? Ultimately, we discovered that the […]
Tag: security
The best place to get started on the red team?
The blue team.
The blue team.
One question that I get a lot, whether it’s from students, current or hopeful IT folks or just curious folks who wonder how one gets into this line of work, is “How do / can I get started hacking?” or “How do / can I get started on the red team?”. I’ve heard tons of […]
Pen tests and baby pictures
I had a conversation a few days ago that highlighted an interesting similarity between offensive security and, oddly enough, baby pictures. The conversation was with a photographer who worked extensively with families (family portraits, baby pictures, etc.). The photographer mentioned that they offer a package for parents to get pictures of their babies at newborn, […]
Some lessons learned from the ransomware attack on the City of Atlanta
On 22 March 2018, the public learned of a ransomware attack in the City of Atlanta information systems. The City of Atlanta held a press conference soon after the news broke and multiple news outlets covered the incident. In this article, I don’t want to re-hash the information already presented but rather highlight a few […]
Cyber Attack on the City of Atlanta – A stark reminder of the need for and importance of ethical hacking
Thursday morning (22 March, 2018), the City of Atlanta’s computer systems fell victim to what’s being called a ‘cyber attack’. According to the information that we’ve seen thus far, the attack is apparently a ransomware attack demanding payment in exchange for the decryption keys to unlock the affected data. According to news articles, local, state […]
Critical Infrastructure, Energy and More – The growing dangers of IoT
The Internet and the Internet of Things (IoT) has revolutionized the way that the world does business. I don’t mean things like Facebook, Twitter and all of those cat videos that everyone seems to be obsessed with, I mean the cool things that the Internet has enabled us to do (or do better). Connecting offices […]
More than 591,000 systems in the US available via Remote Desktop with only a username and password
What is RDP? Remote Desktop Protocol, or RDP, is a tool that many organizations leverage to allow users to access systems remotely. It’s built into all modern versions of Windows, is easy to enable, typically uses the same username and password used to access other systems (laptop, desktop, email, etc.) and offers a full desktop […]
Knowing what you don’t know. Some lessons learned from Equifax and WannaCry.
It seems like we’re seeing report after report in the news about so-called ‘cyber attacks’ in organizations that, it seems, should have known better or done a better job at protecting themselves (and our data). What didn’t they know that led to the attack (and subsequent breach)? What could they have done to have prevented […]
Even after WannaCry, 5.5 million devices still exposed (up from 4.6 million in 2016).
Rapid7 conducts an annual scan of the Internet (about 3 billion IP Addressable devices) and found about 160 million devices with open ports that should not be exposed to the Internet. Among the ports that were scanned (a total of 30 ports according to the article) was SMB, which is the port that was [ab]used […]
New malware currently targeting restaurants. What you need to know before it targets your industry.
According to this article from Threatpost, a new malware nicknamed FIN7 is using a new technique to spread and avoid detection. The malware is reportedly associated with the Carbanak group and is targeting the restaurant industry. Considering it’s effectiveness though, it’s safe to assume that either this attacker will move to other industry verticals or […]