Hot Topics
No More LOLs -

  The Internet is fragile. This summer, the world saw governments trying to shut down the Internet as thousands. 

5 days ago | 0
A critical remote execution flaw spotted in Samba Win-Linux interop code -

  CVE-2015-0240 is a critical security flaw in Samba that resides in the smbd file server daemon and can. 

6 days ago | 0
Forbes Hack Shows Gap in Consumer Security -

Security researchers from iSight and Invincea uncovered a highly sophisticated data exfiltration APT. However,. 

6 days ago | 0

No More LOLs

By Aamir Lakhani | On Wed, Feb 25th, 2015 - No Comments »
no-hooking

  The Internet is fragile. This summer, the world saw governments trying to shut down the Internet as thousands rallied for democracy in the Middle East. We also saw rioters use the Internet in the UK to coordinate attacks on the innocent. The San Francisco transit system, BART shut off Internet access in hopes to prevent nefarious hacker groups from disrupting the mass transit system. However,. 

A critical remote execution flaw spotted in Samba Win-Linux interop code

By Blog | On Tue, Feb 24th, 2015 - No Comments »
samba-2-718x400

  CVE-2015-0240 is a critical security flaw in Samba that resides in the smbd file server daemon and can be exploited by a malicious Samba client remotely. Linux administrators urge to update their systems due to the discovery of a critical vulnerability the open source Linux-and-Windows-compatibility software Samba. The vulnerability in Samba, coded as CVE-2015-0240, affects versions. 

Forbes Hack Shows Gap in Consumer Security

By Blog | On Tue, Feb 24th, 2015 - No Comments »
Exploit Kit-01

Security researchers from iSight and Invincea uncovered a highly sophisticated data exfiltration APT. However, the target of the attack was not company that was compromised; it was that site’s users. Forbes.com, one of the most highly trafficked websites in the world, was compromised and used to spread malware to site visitors. Similarly to other website attacks reported in recent months,. 

Datalossdb.org : See Who Has Been Breached

By Joey Muniz | On Thu, Feb 19th, 2015 - No Comments »
url

Data breaches continue to hit the news yet are only a fraction of what is being reported. Some recent ones are Sony (more on this HERE … and yes I saw The Interview because of the press behind this) and Anthem (more on this HERE). The reasons why organizations don’t report a breach vary from the fear of having critical infrastructure confiscated (which today usually isn’t the case. 

The World’s Email Encryption Software Relies on One Guy, Who is Going Broke

By Joey Muniz | On Wed, Feb 18th, 2015 - No Comments »
Logo-PGP-niebieskie_znak-graficzny

The people at Propublica.org wrote a really cool piece on the creature of GPG, Enigmail and GPG4Win Werner Koch (original post can be found HERE). Until recently, Werner has been the one man band behind developing and maintaining a few versions of free email encryption software applications. Large organizations and governments tend to dump funds into spying and cyber defense yet can’t. 

Bank Hackers Steal Millions via Malware

By Aamir Lakhani | On Sun, Feb 15th, 2015 - Comments Off
cyber-attack-hacker

Another week, another hack. A group of cybercriminals used phishing attacks to install remote access toolkits (RATs) and steal over $300 million from banks and other financial institutions (source: http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html) Using RATs is not new, and common method cybercriminals use. We had an in-depth look at njRAT and the Sweet. 

Your TV Can Spy On You – Warning over listening TV

By Joey Muniz | On Fri, Feb 13th, 2015 - Comments Off
tv-watcher

Imagine your are watching your favorite tv show and start chatting about sensitive subjects. Those things could be leaked through your TV according Samsung’s warning about users of their smart TVs. Thats right, the TV that suppose to be providing entertainment is also listening for commands … BUT ALWAYS LISTENING. Joey Muniz, The Security Blogger, wrote a great article looking if our. 

From Russia with love: Sofacy/Sednit/APT28 is in town

By Aamir Lakhani | On Thu, Feb 12th, 2015 - Comments Off
From_Russia_With_Love_Poster

Yesterday, another cyber espionage group with Russian roots made it to the New York Times headlines again courtesy of FireEye and a new report they published. FireEye did a pretty good job on attribution and giving some technical indicators; however, they neglected to reference previous work on this threat actor from companies like PWC, TrendMicro, ESET and others. See more at: Click here. 

Anthem: Yet Another Victim of the “Highly Sophisticated Attack”

By Aamir Lakhani | On Mon, Feb 9th, 2015 - Comments Off
Sneaky-Anthem

It should come as no surprise that another major data breach is in the headlines. Anthem, the nation’s second largest insurance provider, may have had as many as 80 million personal records compromised. There are several factors that make this breach notable. Primarily, it is the first major health insurance breach of its scale. The largest breach prior was the loss of over 4 million.