Using Python to Decrypt Dispind.A and Helminth HTTP Beacons

Posted on May 30th, 2016

Microsoft’s Windows Defender Advanced Threat Hunting Team and Palo Alto’s Unit 42 recently published some great technical write-ups that detail the targeted attacks PLATINUM and OilRig, respectively. The reports are great because they provide actionable intelligence for network defenders to detect malicious activity. The reports also go into great detail about how the attackers […]

ImageMagick Undocumented Feature – RCE (CVE-2016-3714)

Posted on May 9th, 2016

Overview: This past week a very interesting vulnerability (CVE-2016-3714) came out affecting ImageMagick – software used to convert, edit, and manipulate images. The main attack vectors for the vulnerability are going to be web applications that leverage the software for image modification. Now the software package adds some additional functionality for us attackers #RCE 🙂 […]

Web Hacking with Burp Suite 101

Posted on April 6th, 2016

Overview: In this talk, we’ll walk through utilizing one of the most popular web vulnerability testing frameworks, Burp Suite. During this presentation we will cover the process of how to conduct successful web penetration tests while utilizing Burp Suite’s features and tools (Free and Pro versions). This discussion will also cover realistic […]

Error Messages Matter

Posted on March 9th, 2016

There is no single tool that will protect your network from sophisticated actors. The biggest advantage in defending a network starts with staff who understand the terrain – hopefully better than the adversary. The biggest killer of an effective team can be tools that generate volumes of alerts or data that do not provide meaningful […]

InfoSec News Summary 02/26/2016

Posted on February 26th, 2016

Hacker Backdoored Linux Mint Repo: Hacked web application + posted backdoored ISOs
Ransomware springboards from WordPress to Joomla domains
Drupal 6 EOL February 24th 2016
Operation Blockbuster Reveals Information Behind the Lazarus APT Group
Drupal Updates Fixes 10 Vulnerabilities including a Critical Access Bypass
Anticipated High Severity OpenSSL Patch to be Released Tuesday March 1st […]

InfoSec News Summary 02/19/2016

Posted on February 19th, 2016

glibc Vulnerability: A stack-based buffer overflow in the “getaddrinfo” function in glibc is currently trending as a critical severity vulnerability. The full scope of affected products is not currently known, but is suspected to include Linux binaries such as ssh, sudo, and curl. The vulnerability should be patched across Linux distributions leveraging all versions […]