My buddy Aamir Lakhani and Keith Rayle wrote a funny post about research they did on decrypting Ashley Madison user passwords (original post found HERE). In summary, they took all the passwords that were released, decrypted the weak passwords and tallied up the top weak passwords used by Ashley Madison users. The results are pretty damn funny.
Cisco just announced its intent to acquire Portcullis, a security consulting firm based out of the UK. This would be the second recent services play, following the acquisition of Neohapsis earlier this year. More on this announcement can be found below and on the Cisco blog HERE.
I posted about the OPM breach a few weeks ago HERE and the resignation of the director Katherine Archuleta HERE. Well, it looks like the original estimates of lost records from this breach were a few million off. The original post from the Washington Post can be found HERE.
One of the scariest parts of the massive cybersecurity breaches at the Office of Personnel Management just got worse: The agency now says 5.6 million people’s fingerprints were stolen as part of the hacks.
VentureBeat posted about special characters that can crash your Google Chrome browser (original post found HERE). Have fun crashing your browser now … just copy http://a/%%30%30 and paste that into your browser, wait for it and CRASH. The image above is what you will see. Below is the post from venturebeat.com.
There has been a lot of news about the recent paper from Mandiant on a backdoor malware named SYNful Knock. Some headlines make it seem like this is a major zero-day; however, here is the real story … it's not a product vulnerability. See the Cisco blog post on this HERE and the PSIRT announcement HERE regarding what is really vulnerable and how to handle it.
Well, this is interesting … a vulnerability in VxWorks, which NASA’s space tools leverage. Imagine one day a hacker compromising and remotely driving a lunar lander. Hopefully that doesn’t happen. The original post from net-security.org can be found HERE.
A critical, remotely exploitable vulnerability in VxWorks, the world’s most popular real-time operating system (RTOS), can be exploited by attackers to gain backdoor access to the systems using it.
Cisco very recently acquired OpenDNS. For those who are not familiar with OpenDNS, they see around 80 billion DNS records a day, meaning they can be pretty effective at determining what is a possible threat from a reputation perspective. Customers can point their devices at OpenDNS and enable content filtering along with different threat blocking features. Cisco also just announced that they have integrated other threat intelligence research from ThreatGrid and AMP, making the OpenDNS offering much more effective.
I have tried out the free version in the past and am now running the Umbrella upgrade. This post will cover my experience with both the free and paid Umbrella offerings.
Joe Malenfant from the Cisco Talos team wrote a great post summarizing Cisco’s Advanced Malware Protection (AMP) (original post found HERE). The focus of the article is going beyond sandbox technology.
A few years ago sandboxing technology really came of age in the security industry. The ability to emulate an environment, detonate a file without risk of infection, and analyze its behavior became quite a handy research tool. Since then, sandboxes have become relatively popular (not nearly on the same scale as anti-virus or firewalls) and can be found in larger organizations. You may even have purchased a sandbox a few years ago, but it’s likely that your malware analysis needs have gone beyond the traditional sandboxing technologies that simply extract suspicious samples, analyze in a local virtual machine, and quarantine.