Resources

Blog

Supercell Urges Users to Reset Passwords Following Forum Breach

Supercell, a mobile game development company, has urged users to reset their passwords following a breach that affected its forum. An administrator for the firm, which has produced popular multiplayer games like Clash of Clans and Clash Royale, announced the incident on 17 January: "We're currently looking into report that a vulnerability allowed...
Blog

Adobe Acrobat auto-installed a vulnerable Chrome extension on Windows PCs

Adobe is no stranger to finding itself in the security headlines for all the wrong reasons, and it seems that things may not be changing as we enter 2017. There was controversy earlier this month when news broke about how Adobe took the opportunity on Patch Tuesday of using its regular security updates to force Adobe Acrobat DC users into silently...
Blog

Assessing Cyber Security Risk: You Can't Secure It If...

In the course of working with our clients to improve their security posture, I have come across several common factors that often limit a business's ability to assess and mitigate cyber security risk. Last month, we looked at a few of these themes and some real-world examples of how they apply. Let's now take a look at a few more. You can't secure...
Blog

BSidesSF Preview: DNS Attacks, A History and Overview

In modern times, it is possible for an attacker to persistently and repeatedly hijack a victim's bank account at most major US banks through the victim visiting a web page. This is done without browser exploits or any visible warning. For a criminal, these attacks are cheap and highly successful. The attack that I am talking about is DNS hijacking....
Blog

Fired IT Employee Demands $200K in Exchange for Unlocking Data

A fired IT employee demanded his former employer pay him 200,000 USD in exchange for the return of its sensitive information. Triano Williams hired attorney Calvita J. Frederick to represent him in a dispute involving the American College of Education, an Indianapolis-based online provider of Master's and Doctorate degrees in teaching at which he...
Blog

Drones, OSINT, NLP and Sherlock Holmes

15 January 2017 was yet another treat for me. I watched the most excellent Benedict Cumberbatch playing the part of the brilliant yet crazed Sherlock Holmes. Granted, this is an imaginative and fictitious portrayal of the character created by Arthur Conan Doyle. But I am wondering, if you also watched it, did you note the crossover from fiction to...
Blog

No, CVE Details Did Not Just Prove Android Security Stinks!

It’s January again, and as usual, various media outlets are busy reporting on vulnerability statistics from the previous year. As usual, the CVE Details folks have worked up a lot of hype based on CVE counts, and once again, the media has taken the bait with sensational headlines about Google’s Android being the most vulnerable product of 2016. For...
Blog

Dutch Website Builder Used Secret Script to Hack 20,000 Users

A Dutch website builder leveraged a secret script to steal 20,000 users' login credentials, hack their accounts, and commit payment fraud. On 17 January, police in the northern Netherlands announced they're contacting 20,000 users with the advice that they change their passwords as soon as possible. This move comes several months after the world...
Blog

"123456" STILL the Most Common Password among Users

Another year has gone by...but "123456" still remains the most common password employed by users to protect their web accounts. On 13 January, password manager and digital vault developer Keeper Security broke the somber news in a blog post: "Looking at the list of 2016’s most common passwords, we couldn’t stop shaking our heads. Nearly 17 percent...
Blog

Whitelist Relationships as a Path to Better Security

Implicit deny and explicit allow were two core fundamentals from the start of the information security discipline. However, as the scale and complexity of infrastructures grew, it became evident the list of things we should allow is exponentially smaller than the list of things we should deny. Say "no" to everything unless it is known to be good....
Blog

Shadow Brokers' Swan Song: A Sale of Hacking Tools for Windows

The digital world is riddled with threat actors of which we know very little. Some of these mysterious agents launch one or two modest attacks and peter out soon after crawling their way into existence. Others last a bit longer, raising hubbub and gaining notoriety in the process. Not a lot of actors make it into the latter category without the...
Blog

Email Campaign Uses Fake Silverlight Update to Install Keylogger

A targeted email campaign used a fake Microsoft Silverlight update to trick users into installing a keylogger onto their computers. Overall, the attack campaign consisted of only a few malicious emails sent to employees at a major financial services provider. Each email bore a Microsoft Office document as an attachment--an attack vector seen in...
Blog

Amazon Scammers Using Fake Payment Sites to Steal Buyers' Money

Scammers are using fake Amazon payment sites to steal money from customers lured in by unbeatable deals. Comparitech, a website which offers consumer advice on topics relating to technology and information security, recently investigated one such fraudster. The fake seller goes by the name Sc-Elegance. They have a reputation for selling expensive...
Blog

Alexa, Are You Keeping My Information Private?

"By sitting in the alcove, and keeping well back, Winston was able to remain outside the range of the telescreen, so far as sight went. He could be heard, of course, but so long as he stayed in his present position he could not be seen." The above quote is a snippet from George Orwell’s dystopian-themed novel 1984, where Big Brother is constantly...
Blog

Spora Ransomware Equipped with Sophisticated Encryption, Payment Site

A new ransomware family called Spora comes outfitted with a sophisticated encryption scheme and a professionally designed payment portal. Spora, which is Russian for the word "spore," relies on fake invoice emails for distribution. The emails bear ZIP files containing HTML Application (HTA) files as attachments. But users might not realize it. That...