DecryptedTech

Tuesday05 July 2022

Displaying items by tag: Security

A few days ago we published an article that covered a leaked batch of emails that showed Kaspersky has worked with the Russian Government. We also covered that the pieces of the emails that were published were completely out of context, and also are nothing out of the ordinary for a company that has a contract with a Government body. Kaspersky's denial of cooperation is also nothing new, so why the big deal in the media? Well we might have found a few pieces to that puzzle which would certainly explain the big push to discredit Kaspersky.

Published in Leaks and Rumors

Questionable security practices aside, it seems that just about every "big" scandal lately has had leaked emails as some sort of component. In the latest such scandal we find that leaked Kaspersky emails are at the core of the US National Security policy maker's concerns over the company and the use of the product inside the US. According to "internal company emails obtained by Bloomberg Businessweek" Kaspersky has had a rather close relationship with Russian intelligence agencies.

Published in Editorials

WikiLeaks is at it again with their "Vault 7" releases. This time part of the dump features a nice little took kit for continued exploitation of some Linux systems. The tool kit is called OutlawCountry and is, to be perfectly honest, not much more than a remote management, monitoring and exfiltration tool. It is intended to run in the background on a system after a vulnerability has been exploited to allow the payload to be pushed. It looks very similar to a tool that the NSA used for years and has now become the commercial product Kaseya.

Published in Editorials
Thursday, 29 June 2017 15:44

What was uncle Petya really doing?

For the last couple of days the world has been buzzing with news about the Petya malware. When the news of the outbreak broke on Tuesday morning, it was all about a new ransomware that was spreading around the globe. References to WannaCry were made and fingers pointed to the use of the same NSA exploit as the attack vector. However, Petya was not really like WannaCry in that there was no “kill-switch”. Wednesday morning the big players in the anti-malware and security markets had sent out their “what you should know emails” and a low-grade form of panic hit many enterprises.

Published in News

Remote management and access tools are great things for IT staff to use, but if they are not set up correctly or they have bugs hidden in the code they can quickly become a nightmare. Intel’s AMT (Active Management Technology) suite of tools recently was found to have a rather nasty little surprise hidden in them. It seems that a flaw in the way their SOL (Serial on LAN) tool runs combined with the way Windows deals with AMT allowed attackers to use AMT to deploy malware and to exfiltrate data from a compromised system.

Published in News

The Internet of Things, or IoT, Connected Devices, Smart devices whatever you want to call them have become a fixture in most homes. It has gotten to the point where you have to look hard to find a device that is not “Smart”. Manufacturers love to push the marketing term smart onto the consumer as it becomes a value add proposal; hey this can do all of this and you can control it using your phone from anywhere. What they do not disclose is exactly how insecure these devices are and how much privacy you can end up giving up just by having them in your home.

Published in Editorials

If you have been paying attention to the technical news lately you might have noticed more than a few articles pointing fingers back and forth between the AntiMalware company Cylance and the… well the industry. The argument (if you have not already read about it) goes something like this; the big AV/AM companies are accusing Cylance of stacking the deck in their favor when they demo their product against the competition. Cylance, for their part, claims that they provide a realistic test in comparison to what is usually done when it comes to AV/AM testing. Both sides have their points and it calls into question something that exists in all levels of the technical press and testing bodies; real world vs scripted testing.

Published in Editorials

Black Hat 2016, Las Vegas, NV
We had the chance to sit down with Chris Carlson, vice president of product management for Qualys and talk a little about what Qualys is up to and where they are moving to in the security market. For many Qualys is a name that brings vulnerability management and reporting   to mind. This is due to the fact that this has been their bread and butter for a number of years. Now they are moving into new verticals in the market to expand on their knowledge in this arena. One of the highlights of the talk was in coving their Cloud Agent which brings a whole new set of features to the Qualys product line.

Published in Shows and Events

Last year at Black Hat we had an interesting conversation with Tammy Moskites from Venafi. Although Tammy is both the CIO and CISO of Venafi the conversation did not focus on that company or the product as a whole. Instead we talked at length about trust and controlling the keys to data and devices. This conversation is still a very important one as continue to see attacks and vulnerabilities in the systems that control access to and the encryption of important data.

Published in Shows and Events
Thursday, 14 July 2016 10:29

As printers become smarter so do the bad guys

These days it is not unheard of for something as simple as a printer to have all sorts of bells and whistles. You can find wireless, remote file access, remote (web) printing and more. These devices also have very advanced controls that are often accessible through a web interface. All of this technology can be had for very little money making advanced printers a common thing in the market. The downside? Well there is also very little security in these products. Walking through a business the other day with my WiFi sniffer on I found multiple, unprotected wireless networks screaming at me to join. Without exception these were all printers connected to the company’s network. All easy prey if I was up to no good.

Published in News
Page 10 of 46