From The Blog
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 730 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 365 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 716 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 537 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 658 times Read more...
-
Leaked Data from Duolingo incident Shows US is most Impacted
Written by Sean KalinichDuolingo, is a language learning site (not to be confused with an LLM) and has a very large base of users. The site is a…Written on Tuesday, 29 August 2023 19:12 in Security Talk Read 1084 times Read more...
-
We talk about the Ransomware Threat Landscape with SecureWorks at Black Hat 2023
Written by Sean KalinichBlack Hat 2023 – Las Vegas, NV – One of my personal focuses is understanding the “Why” behind changes in the threat landscape. In simple…Written on Tuesday, 29 August 2023 18:26 in Security Talk Read 589 times Read more...
-
Now Patched Flaw Leverages Abandoned Reply URL found in Entra ID allows for Privilege Escalation
Written by Sean KalinichMicrosoft has not been having the greatest of months. First it was identified that a stollen MSA signing key was used by a Nation State…Written on Monday, 28 August 2023 15:39 in Security Talk Read 1308 times Read more...
-
Qrypt Looking to Attack the Inefficiencies in Quantum Encryption to make Quantum Secure Communication a Reality Today
Written by Sean KalinichBlack Hat 2023, Las Vegas – At Black Hat one of my favorite things to do is see what the latest buzzword(s)/phrases are. One of…Written on Monday, 28 August 2023 12:53 in Security Talk Read 807 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 115438 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 85233 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 79558 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 78523 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 68370 times Read more...
Displaying items by tag: Privacy Laws
Google Finds a Sneaky Way to Keep Tracking Paid Workspace Users
Google has a bit of a history (understatement) of abusing data collection and sneaking in ways to continue collecting data on its users. This type of collection is all in service to their ad business. They want to be able to send targeted ads to users and the only way to do that is to collection information about them. This pattern of behavior has led to more than one lawsuit in the past based on the way they word turning features on or off and what they collect. Even Google’s current proposed solution to excessive data collection for targeted ads is confusing and seems like nothing more than a way to maintain control of the collection process.
Microsoft cares about your privacy
![]() |
Microsoft has embarked on a campaign claiming that they are concerned about your privacy on the internet. The campaign is a direct attack at Google who does not have the best track record when it comes to protecting people’s privacy. In fact Google is currently under investigation for establishing policies that violate EU privacy laws. Microsoft is taking advantage of commotion around Google’s privacy problems to try and bring people over to their side. This move, when looked at is as interesting as it is funny.
Does DEA Note leaked to CNET Show a Need for New Laws Or Incompetence?
![]() |
Remember the news we brought you about the FBI and other law enforcement agencies wanting more power to dig into your electronic communication? Well we have been forwarded an interesting follow on article today that looks like an opening shot in the campaign to get laws passed to extend these powers. The article was published on cnet and raises concerns about what our government is willing to do to get their way and require ISPs to put in real-time monitoring hardware and systems. These systems could potentially allow for broad harvesting of electronic communication without the need for a warrant (if CISPA and other bills are passed as well).
Facebook Scanning User Posts AND Private Messages; Claims They Are Looking For Illegal Activity
![]() |
It looks like Facebook has already begun sharing user information with Law Enforcement; possibly without consent and in violation of some wiretapping laws. The news comes on the heels of a Reuters Interview with an investigator for the Florida Department of Law Enforcement. In this interview Jeffrey Duncan said that Facebook contacts law enforcement when they find a post or conversation (through the Facebook messaging system) that contains possible criminal activity.
Google Fined $22.5 Million For Traking Safari Users, Too Bad It Will Not Stop This In The Future
![]() |
Google has agreed to settle with the FTC over accusations that they bypassed security features in Safari to track users’ internet habits. Although Google often comments that they maintain the highest privacy and security standards for its users they have been repeatedly in the news for violations of privacy. Let’s face it, Google wants and needs data they really do not care so much about how they get it as long as they do. They have been in trouble over street view, Google Maps, Google Docs, Chrome, and now for tracking people when they specifically use features to prevent them from being tracked.
Drone Makers Try Out a Code of Conduct, But Will It Be Enough?
![]() |
Last week we published an article that highlighted the work of a group of students at the University of Texas led by Professor Todd Humphreys. During an impressive demonstration they were able to bring a commercial drone (the same type is also used by Law Enforcement) down by spoofing the GPS data sent to it during navigation. The flaw was found in just about any Drone that uses the civil GPS system (which also could apply to many other devices) and does not include encrypted GPS applications yet although the research did show that with the right equipment even encrypted GPS systems could be vulnerable.
A Tiny Portion of the Facebook News for the Week Ending On 5/12/2012
Google has been competing with Facebook for a long time. This goes back to before the launch of their Google+ social networking service. We have honestly never bothered to see what the original reasons for the competition are since the two companies originally did not even operate in the same market space. Google is all about ads and Facebook is really all about gathering… Ah there it is. So now that we have hit the nail on the head so to speak let’s talk about this little rivalry along with some of the fun stuff that is rumored to be going on and that is really going on.
Microsoft Playing the PR Game with CISPA...
It seems that Microsoft is working the PR angle again. First we saw this when it was obvious that public opinion was turning against it with SOPA and PIPA. They distanced themselves from the BSA (Business Software Alliance) and then released a statement saying that they could not support SOPA in its current incarnation. This time Microsoft is doing the PR shift with CISPA. They released a statement to CNET saying pretty much the same thing while not really opposing the actual bill or its ramifications.
Just How Much Data Does Your Phone Collect and Transmit About You?
The explosion of the smart phone tied to the sudden need for people to post where they are and what they are doing every minute of the day has led to some rather interesting consequences. We all have heard the numerous reports of applications that are taking your personal data right off of your phone and then either selling it or using it to push their own applications… which reminds us… what ever happened to all those congressional requests and demands? Anyway getting back to the point we have even heard how one application (now pulled from distribution) used public Facebook profiles combined with check-ins on the Facebook game Four Square to allow almost anyone to stalk nearby women.
Give Up Your Facebook; or You Won't Get Hired...
Facebook has not always been on the side of user privacy. In fact they have gotten into hot water about many of the features that they want to, and indeed have implemented. These are features like auto-tagging and facial recognition, the use of user pictures for their targeted ads. Storing user information after the user deletes it and even keeping deleted profiles after the user leaves Facebook. Now in what could be a PR move (and probably is) or could really be their concern over a new issue Facebook is telling users not to disclose their Facebook account passwords to employers, potential employers or during interviews.