Resources

Blog

Looking Back On SOHOpelessly Broken at DEF CON 25

DEF CON 22 was my third DEF CON and the first time ever for the IoT Village and related "SOHOpelessly Broken" contests. That year, I easily won both tracks of the competition with only a handful of hours spent analyzing and hacking routers. As anyone who’s ever attended DEF CON can tell you, there are roughly one billion options for how to spend the...
Blog

Cerber Ransomware Now Capable of Stealing Bitcoin Wallet Files

The developers of Cerber ransomware have equipped their creation with the ability to steal victims' Bitcoin wallet files. Security researchers first discovered Cerber in early 2016. Since then, the crypto-malware family has gone through at least six iterations. It's also sparked a ransomware-as-a-service (RaaS) platform that's raked in upwards of a...
Blog

The GDPR Adventure: A Legal Perspective

Adventure (ad•ven•ture) / ad-ven-cher / noun: an undertaking usually involving danger and unknown risks; an exciting or remarkable experience; and enterprise involving financial risk. Origin: Old French aventure (noun), based on Latin adventurus ‘about to happen.’ There are many people who have the privilege of saying that they get paid to be...
Blog

New Trojan Never Saves a File during Its Infection Chain

A new trojan leverages a fileless infection chain in that it never saves a file to the machine, thereby making analysis via a sandbox more difficult. It's unclear how the malware, detected by Trend Micro as JS_POWMET, initially arrives on a computer. Users could unknowingly download it from malicious websites. Alternatively, other malware could drop...
Blog

Threat Hunting: Do Hackers Know Where You Are?

The internet is full of personal and business-sensitive information if you know where to look. In a previous post, we detailed our method of collecting Open Source Intelligence (OSINT) by “scraping” the content posted to public websites where stolen information is regularly released by hackers. That post focused on email and password combinations ...
Blog

Thoughts from Black Hat 2017 and Killer Car Washes

With Black Hat 2017 and DEFCON rapidly receding into the desert sunset, I am left with a couple of thoughts after several days on the show floor talking to customers: 1. Wow! So many fidget spinners – cheap ones, expensive ones, plastic, metal, ones that lit up, ones that didn’t, and ones that were supposed to, but didn’t. The go-to schwag for...
Blog

Top 5 Barriers to Security Implementations

I have been in this business for over 10 years, specifically in the business of trying to ensure our critical infrastructure remains in a safe, reliable and secure state. After all, if our critical infrastructure were to fail, the implications could be huge. Since 2011, I think the real threat of large-scale attacks against critical infrastructure...
Blog

Privacy Group Wants Answers into Google Consumer-Tracking Program

It's widely recognized that online advertisers know a lot about web users. The most "sophisticated" of these companies gather data on potential customers by tracking their behavior around the web. Specifically, they analyze what sites users visit and what links they click. They then compile that identifying information into a database, build upon it...
Blog

Cyber Security Heroes Part 5: Scott Helme

They say you should never meet your heroes—often they will just disappoint you. But thankfully, there are also exceptions to this rule. In this five-part series, I will be introducing you to five of my key cyber security/infosec heroes. These individuals inspire me to continuously strive for more, with one even motivating me to move across the pond....
Blog

Third-Party Breach Might Have Exposed 18.5K Anthem Customers' Data

Health insurance plan provider Anthem says a third-party breach might have exposed 18,500 customers' personal and medical data. In a statement (PDF), Anthem media contact Gene Rodriguez reveals how the security incident links back to LaunchPoint Ventures LLC, a firm which provides insurance coordination services to Anthem: "On April 12, 2017,...
Blog

Shadow IT – How Do You Protect What You Don’t Know You Have?

For a cybersecurity program to succeed, it must identify the assets it aims to protect. Without a clear understanding of its assets, no organization can truly understand the value of its resources, assess the risks they face, or understand how much to spend to secure its infrastructure. Unfortunately, the process of identification is not getting any...
Blog

Cyber Security Risks in the Social World

We’re all fairly knowledgeable about how to deal with security issues for email. We don’t open emails that come from someone we don’t know, for example, and if we do, we’re certainly wary about clicking on links. These same malicious tools can be used with social media posts to infect people’s computers and smart devices. But for some reason, people...
Blog

Phishers Hack Chrome Extension to Push Out Spam

Phishers hacked an extension for Google Chrome and abused their ill-gotten access to push out spam to unsuspecting users. The security incident befell Copyfish, a type of software which allows users to extract text from images, video, and/or PDF documents. Only the program's Chrome extension suffered as a result of the attack. It's Firefox...
Blog

12 Indispensable DevOps Tools for 2017

DevOps is revolutionizing the way enterprises deliver apps to the market. It blends software development and information technology operations, or the processes and services used by IT staff, as well as their internal and external clients to fulfill their business duties. Such a convergence creates an assembly line for the cloud, as Tim Erlin wrote...
Blog

Virgin America Alerts Employees, Contractors of Personal Data Breach

Virgin America has alerted thousands of employees that the company’s systems were breached, leading to the compromise of their personal data. The American airline, which was acquired by Alaska Air in 2016, notified workers via letter, stating that the incident occurred earlier this year. “On March 13, 2017, during security monitoring activities, our...
Blog

Pro Soccer Player's £5M Mansion Raided after Social Media Skiing Post

UPDATED 28/07/17 Thieves raided a professional soccer player's £5 million mansion after he posted to social media a picture of himself on a skiing holiday. Back in February 2017, 36-year-old Ashton Villa defender and former Chelsea captain John Terry shared a picture of himself and with his wife Toni, 35, with his 3.4 million Instagram followers....
Blog

What If Your IoT-Enabled Camera (DSLR) Had Security Protocols?

Have you ever thought about the possibility that your IoT-enabled camera could be controlled by a hacker if you're not careful? Sounds a bit too much, doesn't it? No one could even think of such a thing happening a few years ago. Unfortunately, as more and more IoT-enabled features and offerings have been introduced, the probability of getting them...
Blog

How a Smart Coffee Machine Infected a PLC Monitoring System with Ransomware

Once upon a time, operational technology (OT) enjoyed little-to-no connectivity with the web. Industrial system attack surfaces were quite small, with physical access acting as the overriding attack vector in many security incidents that did occur (including Stuxnet). It was a simpler time. But all that changed with the Industrial Internet of Things ...