From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 350 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1268 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 712 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 685 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 1906 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1395 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 1835 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 1599 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1608 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116252 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87099 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 81636 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 79998 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70415 times Read more...
Displaying items by tag: Privacy
Skype Is No Longer A Secure Means Of Communication
About two weeks ago we saw a random tweet that seemed to indicate that Microsoft had added in technology that would allow for easier spying on Skype conversations. Right after this a tweet on the YourAnonNews feed seemed to indicate that the “bug” that was accidentally sending some conversations to random members of your contact list was related to the new “feature”. There was a much more ominous tweet about an hour later that claimed Skype had been hacked and the source code downloaded. Although we never were able to confirm the relationship to the bug and the reworking of supernodes to switch to Microsoft run servers, we did find out that the released code was not the official source code, but a posting of a decompiled version of the Skype application; still useful if you wanted to look for an exploit, but not the original source code to be sure.
Facebook Scanning User Posts AND Private Messages; Claims They Are Looking For Illegal Activity
It looks like Facebook has already begun sharing user information with Law Enforcement; possibly without consent and in violation of some wiretapping laws. The news comes on the heels of a Reuters Interview with an investigator for the Florida Department of Law Enforcement. In this interview Jeffrey Duncan said that Facebook contacts law enforcement when they find a post or conversation (through the Facebook messaging system) that contains possible criminal activity.
New Executive Order Grants The Department Of Homeland Security Extended Power To Control and Monitor the Internet
The US Government has gone and done something that they have been trying to claim they would never do. They have put forward an Executive Order that outlines their ability to control communications in the event of an “emergency”. The new order has the interesting title of “Assignment of National Security and Emergency Preparedness Communications Functions”. You could say that the new Executive Order does assign functions to different offices in the government and also assigns duties to the rest of the country including “the private and nonprofit sectors, and the public”. If you read the new EO in its entirety (and we highly recommend you do) you will see that this is a precursor to the enablement of the US Government to require surveillance and control measures all across the internet. So it looks like the big content holders have managed to get their way all in the name of “National Security”.
Google Fined $22.5 Million For Traking Safari Users, Too Bad It Will Not Stop This In The Future
Google has agreed to settle with the FTC over accusations that they bypassed security features in Safari to track users’ internet habits. Although Google often comments that they maintain the highest privacy and security standards for its users they have been repeatedly in the news for violations of privacy. Let’s face it, Google wants and needs data they really do not care so much about how they get it as long as they do. They have been in trouble over street view, Google Maps, Google Docs, Chrome, and now for tracking people when they specifically use features to prevent them from being tracked.
Cisco Feeling the Effects Of Forcing The Cloud On A Market That Does Not Want It
Cisco is now facing exactly what we think will happen when people realize how tied down they will be with Windows 8. The networking giant attempted to force people that own their Linksys consumer line of wireless routers to use their cloud services to control simple management and administrative items in these devices. According to most reports the shift came after an automatic firmware update. This meant that most of the users complaining were never given the chance to accept this. According to some reports the update was required to continue using the product at all.
Drone Makers Try Out a Code of Conduct, But Will It Be Enough?
Last week we published an article that highlighted the work of a group of students at the University of Texas led by Professor Todd Humphreys. During an impressive demonstration they were able to bring a commercial drone (the same type is also used by Law Enforcement) down by spoofing the GPS data sent to it during navigation. The flaw was found in just about any Drone that uses the civil GPS system (which also could apply to many other devices) and does not include encrypted GPS applications yet although the research did show that with the right equipment even encrypted GPS systems could be vulnerable.
Orbitz Driving Mac Owners to Higher Priced Offerings Than PC Owners
It is a common comment that the people that buy Apple products will pay more to get less. Although there are some that have “done the math” and calculated the hardware costs a proof of this it is still not where near a “fact” (it is fun to say though). People tend to like what they like and will pay for what they want. As I was told before during a class on sales “a good deal is a state of mind”. If you think it is a good deal then, guess what, it is.
Facebook Has Changed Your Default Email... Without Permission or Notice
When the movie “The Social Network” came out it depicted Mark Zuckerberg as a person with, let’s say, control issues. Both Zuckerberg and Facebook tried to play this down and say that he was and is not really like that. The problem is that time and time again the corporate personality injected into Facebook by Zuckerberg keeps rearing its massively ugly head.
Firefox "New Tab" Feature Using Screen Shots of Browsing Sessions Including Banking Visits...
Firefox has caught up with Google’s Chrome browser when it comes to insecurity. After forcing updates on unsuspecting users (we turn on the computer the other day to be told it was already updated) the newest version of Firefox apparently takes screen shots of your pages to put them into their Tab-Thumbnail view including sites that might be encrypted or secure connections (like your banking information). This is a pretty big privacy issue and one that has quite a few people upset.
Google and Apple's War Over Maps Could Lead to Even Greater Privacy Invasions With The Use of Spy Planes
As we race toward a day when we might not have any real privacy we are wondering where things will actually stop and where the general public’s rights come in and corporate “rights” actually stop. During all of the privacy debates over Facebook, Google and many others that seem to view personal data as a commodity to be traded for cash one thing has been repeated over and over again. This is “do users of online services have a reasonable expectation of privacy?” We have heard this one bandied about by Congress Men and Women, Facebook and Google Lawyers and even legal scholars seem to be unable to answer this.