From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 698 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1576 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1110 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 1081 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2131 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1853 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2122 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2098 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1890 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116522 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87469 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 82027 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80334 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70987 times Read more...
Displaying items by tag: Legal
Microsoft stands their ground over Dublin emails, finds themselves in contempt of court
It is not often that we can write about a big company like Microsoft and say they are doing “the right thing”. This is even more true in light of the Snowden revelations that showed the close cooperation that Microsoft (and others) had with many data collection programs run by the NSA. Any trust that people had in Microsoft and their drive to protect their customer’s data vanished in an instant. Since those days Microsoft has been working very hard to rebuild consumer trust. They have put SSL and TLS encryption on their email service and have put a few privacy (pronounce that security if you are in government) features in place to help change the public opinion.
The BBC says if you use VPN you are probably a pirate
The concept of the VPN (Virtual Private Network) is one that is intended to allow people to make a secure, encrypted connection from point A to point B. in most cases this connection is from a remote location back to the home or an office. VPN actually covers a few different protocols that include IPSEC (IP Security), PPTP (point to point tunnel protocol), L2TP (Layer 2 Tunneling Protocol), SSL (Secure Socket Layer) and a few other less common ones. In recent years it has also become a method to get around DNS blocking and also as a form of maintaining private/ anonymous communication.
Why The MPAA Would Like To Dig Into Kim Dotcom's Recent Financial Sucess And Seize that Money Too
In the soap-opera that has been the case against Kim Dotcom and Mega Upload we now has another chapter. It seems that the copyright groups responsible for the original claims against Dotcom want to have a look at this financial state. If you remember when the case and raid first happened we mentioned that the move was most likely done to remove competition from the playing field. The actions and claims that followed certainly seemed to support our hypothesis.
Google Processes One Million Takedown Requests Per Day
There is a story running around the internet that says Google is now processing one million piracy take down requests in a single day. Now there are two different spins to this story (and we will cover both) out there. One of them is being pushed by the copyright lobby groups, while the other is popping up through sites like Google and various net neutrality groups.
NZ High Court Rules the FBI Should Not Have Posession of Dotcom HDDs, Denies Access to Encryption Keys
So, remember back when the FBI removed data that is was not allowed to search for from the home of Kim Dotcom, (that they were not really allowed to search)? Well if not we will sum things up for you here. Back when the US DoJ was really pushing the Mega Upload case the FBI convinced New Zealand law enforcement to execute a raid on the Dotcom house without a properly defined warrant. The reason it was not properly defined is that it did not spell out what they were searching for.
US Supreme Court Rules Abstract Software Patents are a No Go
In a somewhat surprising decision the US Supreme Court has rules that patents that cover an “abstract idea” are not valid. This was the final outcome of a battle between two financial institutions, Alice Corp and CLS Bank. The story is one that has played out very often, Alice Corp. holds the patent for the concept of an electronic escrow system. CLS wants to use the same type of system, but as the patent held by Alice Corp is so vague and abstract they cannot do so without running the risk of infringing.
Ex-Microsoft Employee that Leaked Windows 8 Gets Three Months
The guy that leaks Windows 8 to a French journalist is going to get a whopping three months in jail for his actions. Alex Kibkalo will also have to pay a whopping $100 fine for his actions. These actions are likely to follow him for the rest of his life and most certainly will hurt his career opportunities. Kibkalo leaked information about Windows 8 just before the launch of the OS.
Tesla Says "All Our Patents Are Belong to You"
To say that I am speechless is an understatement. Although I know the move by Tesla Motors today is also a marketing move it still stands on its own as one of the coolest things I have seen in a while. Oh that’s right I had probably better tell you what I am talking about. Although the head line makes much of this clear today Tesla announced that it will not seek patent litigation against any company that wants to use their technology in good faith.
Microsoft's Fight Against Search Warrant Could Have Big Consequences
When Edward Snowden revealed the extent of US Government surveillance and just how much corporations cooperated with them to accomplish their goals everyone was shocked. Many could not believe that the companies we trust would betray us in the ways that Snowden showed. Even as the clarifications and denials were being typed up by Microsoft, Google and others the consumer backlash was starting and not just in the US. Consumers here and overseas were pulling their data out and cancelling accounts. This change has (and will continue to) seriously hurt technology companies financially. As we all know, the only way to motivate big business is to hit them in the bank account.
Snapchat charged for misleading statements about user's privacy
Snapchat lately came under criticism after it was revealed that their services are not entirely what they appear. The case went before the U.S. Trade Commission, which has accused the company that messages sent via Snapchat can easily be saved even though the application claims that they are only temporary.