Netsec, comsec, infosec and IA news, research and trends



This malware can steal passwords, credit card info in Chrome, Safari from Randall


Europol Now Going After People Who Bought DDoS-for-Hire Services

Feds Dismantle xDedic Dark Web Credentials Market


Hackers are going after Cisco RV320/RV325 routers using a new exploit from Randall


Linux-Targeting Cryptojacking Malware Disables Cloud-Based Security Measures: Report from Randall

Windows Torrent File Malware Can Swap Out Crypto Addresses, Researcher Warns from Randall


‘The Age of Surveillance Capitalism’ Review: The New Big Brother

US judge rules that feds can't force fingerprint or face phone unlocks from Red


Towards Improving CVSS


Widely Used JavaScript Library Had a Backdoor to Steal Bitcoin from Zach


The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Supply chain issues are coming home to roost.


One Small Step for the Web... from Zachary


APT28 Uses LoJax, First UEFI Rootkit Seen in the Wild from Kendall


Palo Alto Networks' Fuel User Group has a free online test lab from which one can sign up for free 4 hour time slots to go in and play with their equipment.


The Untold Story of NotPetya, the Most Devastating Cyberattack in History from Red


"Web of Profit" report detailing the cybercrime landscape


Nist List - Search for forensic tools by functionality


VPNfilter malware is sowing chaos


Similar to GeeWhiz's post regarding quad 1 below, a different service by the name of Quad9 "blocks against known malicious domains, preventing your computers and IoT devices from connecting to malware or phishing sites. Whenever a Quad9 user clicks on a website link or types an address into a web browser, Quad9 will check the site against IBM X-Force threat intelligence, which includes 800+ terabytes of threat intelligence data, including 40B+ analyzed web pages and images and 17 million spam and phishing attacks monitored daily."


Internet Exposure, Flaws Put Industrial Safety Controllers at Risk of Attacks


Cloudflare is hosting DNS over TLS and HTTPS at and

2018 Verizon Data Breach Investigations Report

This is an interesting article that relates to HIPAA and the safeguarding of PHI. I actually worked on solving this problem with my current employer a couple years ago and something missing from this article is, why is this happening?

It could be explained as a complex web of conflicting goals between the business units (hospital departments), the network management folks and network security; while this is all true in most cases, the real reason is much simpler. Hospitals are (almost) required to network certain devices, and medical devices have strict certification requirements (translation: it is expensive for a device manufacturer to get a device through certification, so they don't want to change the device). For most devices, any change, no matter how minuscule (like a security patch), requires a complete recertification of the device.

There is still no excuse for any external exposure of medical IoT devices. This is really a network security gap, and considering the continually increasing risk that unpatched systems pose, the network teams must work harder to ensure the protection of patient PHI.


Stealing Credit Cards from FUZE via Bluetooth from Lee

3.22.2018 Bullguard has a free online scanner that will scan your network edge to see if your IoT toaster is reachable from the outside. If so, you can bet has already grabbed its banner. Speaking of which, if anyone has a pcap file for an IoT toaster, I would love to get my hands on it! Thanks.

"Security Planner is an easy-to-use guide with expert-reviewed advice for staying safer online. It provides recommendations on implementing basic online practices, like enabling two-factor authentication on important accounts, making sure software stays updated, and using encrypted chats to protect private communications. More advanced users can receive advice on where to go for more help." This site interactively guides the user through a few questions related to the technologies used, the user's security concerns, and the user's desire for more specific information related to security. It then provides a list of general recommendations along with more detailed information should the user want to dig further. It's very "approachable" and provides good top-level recommendations for users who may not be very technically savvy.

AnyRun is an online malware sandbox where you can open files, URLs, code, etc. and run them inside of a virtual machine to see what happens. They have a limited free version which gives you a full two minutes to play in a somewhat limited but useful VM. It's come in handy a few times for me when I wanted to explode something safely off of my network.


Trustico revokes 23,000 SSL certificates due to compromise from Lee


MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols from Lee


For Russia, Unraveling US Democracy Was Just Another Day Job - Influence operations occur and surround everyone in the Internet age nonstop. People want others to "pay" attention and are willing to spend money to make this happen. Inspired by a story sent by Kendall.


Quantum Computers Pose Imminent Threat to Bitcoin Security from Sam


Trisis has mistakenly been released on the open internet from Lee


Apple 0-day - Happy New Year! More from the source.


Bruce Schneier on the Equifax Breach from Joel

IBM, Packet Clearing House and Global Cyber Alliance Collaborate to Protect Businesses and Consumers from Internet Threats


OceanLotus Blossoms: Mass Digital Surveillance and Attacks Targeting ASEAN, Asian Nations, the Media, Human Rights Groups, and Civil Society


$1000 in mobile ads is sufficient to track a person's location.


Serious flaw in WPA2 protocol lets attackers intercept passwords and much more


Details emerging on Apple's FaceID
