From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 595 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1499 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1052 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 902 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2077 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1788 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2060 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2049 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1820 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116467 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87370 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 81921 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80247 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70873 times Read more...
Displaying items by tag: Apple
Apple's iCloud Easy to Crack with Existing Tools
Two days ago we reported on the iCloud controversy which involved an attack on Apple’s Cloud based Find My iPhone application. This attack (which appears to have been a dictionary attack) resulted in the release of nude images of a number of celebrities posted on the internet for all to see. Apple immediately jumped to the defensive and released a statement saying they were not “hacked” and it is not their fault. Now on the surface this is true as there was not a full breach of their security, but it is about as wrong as you can get.
Was a Flaw in Apple's Find my iPhone Responsible for the Recent Celebrity Nude Photo Leak?
Over the weekend a number of articles broke describing a “hack” that allowed nude photos of celebrities to be stolen and then reposted on the internet (4chan). Although the story held minimal interest at the time of its release we did not see it as big news since phone and cloud service hacks are far too common these days, just because it happened to be someone famous did not make it anymore news worthy. If anything it made it less as you should not be storing nude or explicit images of yourself on your phone or in any cloud service these days.
Apple Bans Devs from Selling HealthKit Data to Ad Companies
Apple has made a decision about the data that is stored in their borrowed HealthKit API. The decision is to ban developers from sharing any of the data that the service collects to ad agencies. This move will be in effect the day that iOS 8 and will run until Apple changes their mind. This move is actually a very good thing and does cover some concerns about the amount of personal information that mobile devices are starting to amass.
Despite being late to the party, Apple's iWatch will probably do well
Right now the going rumor is that Apple will unveil the world’s first true smart watch on September 9th (yes sarcasm). Just exactly what this new product will do has many blogs up all night in a lather of love for Apple. These sites comb through patent filings, rumors and even developer code to see if they can be the first to identify what Apple will really do when they finally get around to joining the rest of the world with a wearable product.
TSMC and Samsung to have 14/16nm FinFET early while Intel delays
According to recent rumors it seems that TSMC and Samsung will be able to push out 14nm full node and 16nm half node FinFET products earlier than anticipated. This is certainly going to be good news for many customers of the two foundry companies including Apple and nVidia.
Apple Files a Patent on a Way to Find Your Car... Too bad it has been done before
Over the years Apple has surprised the world by taking old tech, optimizing it and then pushing out to the world as their own. They can do this thanks to having one of the best marketing teams in the world and until recently having a leader that believed his own legends. This has led to a string of patents that are built in the ideas and often inventions of others. To say that the US Patent and Trademark Office simply rubber stamps these is an understatement. In some cases there is no way that they could not know that the patent in question was covered in prior art.
How to get the most out of your tablet when it comes to gaming
There is a perception that to enjoy brilliant tablet gaming you have to pay big bucks – but that is not the case. There are tablets at every price that can give you this; you just need to find the right specs at the right price for you.
Security Expert claims iOS "Undocumented Services" allow for data collection
There is a lot of information flying around the internet about security this month. Much of this is due to the looming Black Hat and DEF CON conferences that kick off in August. While many of the articles hitting the net are malware centric we are hearing about a few more that punch more than a few holes in the security of some very popular devices. We have seen Blackberry poke at Samsung and their Knox secure phone layer and vice versa. The biggest one that we have seen is the 58 page document published by security expert Jonathan Zdiarski about the iPhone.
Analysts in a Frenzy over Possible New iDevices, But What is the Reality?
Well, with all of the news about Apple’s next round of products we thought we would chime in with our take on this. Warning Apple fans the following article is not based on analyst WAGs (wild ass guesses), but on information that is available publicly and, well through other means. Right now far too many analyst firms are looking to bolster their portfolios by talking up products from Apple that do not even have firm or realistic specifications attached to them. We are talking about Apple’s rumored iWatch, 12.9-inch iPad and large screen iPhone. All three of these are rumored to hit the market in September as Apple tried to catch up to the rest of the world and offer the same style of product that is already out there.
Newegg, Google, Canon, Dropbox, SAP and othes join to fight Patent Trolls.
Have you ever heard of a PAE? No? Well it stands for Patent Assertion Entity, Still not sure what they do? You might recognize them if we call them patent trolls. PAEs are companies that own the rights to patents through contracts with inventors or that buy them from others with the sole intent to file law suits against anyone that might be infringing on any patent they currently own. It is a big business and one that costs the market millions of dollars each year.