So there is a new model making the rounds on the interwebs recently as an update to the well-known Cyber “Kill-Chain”. I think it's a reasonable model and makes sense. Forgetting there is an underlying corporate message from Carbon Black here, the general notion that this is more of an iterative loop than a […]
Author Archives: biff
What is old is new again
So I have had this blog for 4+ years. Use it rarely as you can see. Going to give it another crack to put some random musings so I can find them again in a future existence 🙂 – feel free to enjoy or not.
For Reference – IOT goodness – Mirai source code
Going to start posting some stuff here again at times. Makes it easier to share with folks. Will likely be improved upon quickly, but cannot help but laugh about how insecure IOT is and consumers go and buy these things, install them and leave them out there. It's going to get worse before it gets […]
Adobe Flash update – need to pay attention
Active exploits in the wild on this one and it impacts almost everyone (yes, you Linux 🙂). PDF attached, TLP:White, that has CVE details – open article to get full link. Get details here
OpenSSL needs another fix
Probably prudent to pay attention to this. Somewhat narrow in scope but important. https://www.openssl.org/news/secadv_20150709.txt
Equation Group Details – Professionals Infecting Whoever They Want
If you are here, you have likely heard about the news making the rounds in the last couple days about the “Equation Group”. Several sites have been giving high level reviews of the exploits and information. Kaspersky Labs has published some details on what all this means… Rather than bore you with a recount of […]
Cryptowall 3.0 information and analysis
So be sure to tell your end users again to practice safe computing. Don’t click on email links or simply open attachments, and be careful what you surf to in shady corners of the Internet. It appears that there is still some Cryptowall floating around in this “3.0” ransomware trojan variant that has been detected. The […]
NTP needs a security update
NTP users and server admins – There are multiple vulnerabilities in the wild that are being actively exploited. If you have not been paying attention to security updates, attached is a consolidated report that will give you the resources you need to protect your infrastructure. Take a few minutes to read and see […]
Poodle Bites Back
Another Poodle-related vulnerability has been reported in the wild in various channels. This time impacting TLS to a degree. So admins should take a moment and read up on it and keep current as it's likely to continue developing over the next couple days/weeks as more vendors are likely determined as I am sure […]
Artillery – honeypot and/or server protection
I need to spend some quality time looking at and testing this further. It appears to be something that I can use in production quickly and easily. Good summary here: https://www.binarydefense.com/project-artillery/ Also, Holisticinfosec has a good writeup on it: http://holisticinfosec.blogspot.com/ and here: http://www.southbasecamp.com/blog/setting-up-a-honeypot-artillery/