From The Blog
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 1224 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 735 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 1109 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 901 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 975 times Read more...
-
Leaked Data from Duolingo incident Shows US is most Impacted
Written by Sean KalinichDuolingo, is a language learning site (not to be confused with an LLM) and has a very large base of users. The site is a…Written on Tuesday, 29 August 2023 19:12 in Security Talk Read 1388 times Read more...
-
We talk about the Ransomware Threat Landscape with SecureWorks at Black Hat 2023
Written by Sean KalinichBlack Hat 2023 – Las Vegas, NV – One of my personal focuses is understanding the “Why” behind changes in the threat landscape. In simple…Written on Tuesday, 29 August 2023 18:26 in Security Talk Read 986 times Read more...
-
Now Patched Flaw Leverages Abandoned Reply URL found in Entra ID allows for Privilege Escalation
Written by Sean KalinichMicrosoft has not been having the greatest of months. First it was identified that a stollen MSA signing key was used by a Nation State…Written on Monday, 28 August 2023 15:39 in Security Talk Read 1603 times Read more...
-
Qrypt Looking to Attack the Inefficiencies in Quantum Encryption to make Quantum Secure Communication a Reality Today
Written by Sean KalinichBlack Hat 2023, Las Vegas – At Black Hat one of my favorite things to do is see what the latest buzzword(s)/phrases are. One of…Written on Monday, 28 August 2023 12:53 in Security Talk Read 1098 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 115675 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 85914 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 80295 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 78993 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 69146 times Read more...
Displaying items by tag: Firewall
Juniper Admits to backdoors in their ScreenOS code as far back as 2012
Juniper has acknowledged that “unauthorized code” was somehow inserted into their ScreenOS. The code appears to have been around since at least 2012 which means that it went unnoticed during multiple code updates, patches and even full version updates. Although the code was buried deep in cores parts of the OS it still should have been noticed during at least one update over the last three years.
Intel launches a new Xeon based SoC that should be perfect for Firewalls and NAS boxes
In an unsurprising move Intel has kicked out a new SoC (System on Chip) that bears the label Xeon. The Xeon D 1500 family is intended as to be a one-chip solution for networking devices, storage appliances and micro-servers. The Xeon D also has functions to assist with compute operations which should make it pretty versatile.
Current Security Methods are seriously Outdated... Time for a new Model.
Malware and breaches are inevitable. Anyone that has been in security knows that this is a simple fact. Every day there are hundreds of attempted (and successful) attacks executed against businesses, consumers, and the government. These attacks have been traditionally met with an incident-response thought process. IT departments monitor their networks for suspicious activity and respond when/if they find someone who is either attempting to or actually has broken in. Sadly, this is probably not the best way to handle security.
D-Link Flaw Exists in Many Common Residential and SOHO Routers
Yesterday we wrote about a disturbing flaw in some D-Link routers that allow for a malicious individual to access it without a username or password. Shortly after we published the article we were reminded that this flaw does not just exist in D-Link hardware, but is also present in devices from many other companies that have SOHO and Residential products. The string for each might be different and in some cases harder to gain access to, but it is there.
Iran blocks Google and Gmail
![]() |
In preparation for launching their own internet, the Iranian government has decided to block Google. This move should “protect” Iranian citizens from big bad internet freedom. An official known only by his last name Khoramabadi stated "Google and Gmail will be filtered throughout the country until further notice“. The Iranian Students News Agency (ISNA) said that this move was provoked by the anti-Islamic movie posted on YouTube that Google refused to remove. As we all know, Muslims don’t take these kinds of things lightly and we saw many newspapers or TV shows that made fun of their religious figures have received death threats shortly after the incident.
IPV6 Means More IP Addresses, But Comes With Some Concerns
Internet Protocol Version 6 (IPV6) has officially launched in certain areas of the globe. The replacement for the aging Internet Protocol Version 4 (IPV4) is said to have built in security, Encryption capabilities and a ridiculous number of address combinations making it sustainable for a very long time. The downside is that, as with many core technology updates, there are not many products that use it and the average home user is facing a pretty steep learning curve in getting things going.