Netrepser is a JavaScript (JavaScript ≠ Java) Trojan designed for espionage purposes. It was detected and reported by Bitdefender on May 5, 2017. Believed to be of Russian origin, this Trojan is commonly distributed by email. However, its JavaScript nature suggests that it may be able to cause infections in web-based “Drive-By Download” […]
Centralization, Decentralization, and AI
A couple of months ago, Bruce Schneier wrote a great post entitled “Security Orchestration and Incident Response”. The discussion ultimately morphed into AI and Machine learning, but put forth two Universal Truths regarding computer networks: When things are uncertain, you want your systems to be decentralized. When things are certain, it is more important to […]
BOLO: New “Jaff” RansomWare
Yesterday, May 11, 2017, a new type of ransomware called “Jaff” was released. It is spread via the Necurs botnet using email as the transmission medium. Considering last week's exploits of Google Gmail accounts, I suspect this will eventually migrate to appear as emails from legitimate friends. Beware of any emails with the subject lines […]
Windows Patch Tuesday: 5/9/2017
This week's Patch Tuesday update from Microsoft contains more critical fixes for the Graphics Device Interface (GDI) within Windows systems. This will require a reboot. Affected software: all supported releases of Microsoft Windows; affected editions of Microsoft Office 2007 and Microsoft Office 2010; affected editions of Skype for Business 2016, Microsoft Lync 2013, and Microsoft […]
BOLO: Critical Update – Windows AntiMalware
Microsoft is pushing an out-of-band Critical Update that fixes issues with its AntiMalware Protection Engine. This affects Security Essentials, Windows Defender, Endpoint Protection, etc. The bug allows remote code execution by hackers and lets them take control of your PC. More details can be found in Microsoft Security Advisory 4022344. This is also […]
BOLO: Intel Chip Zero-Day Vulnerability
Be advised that computers with Intel chipsets ship with a management tool called Active Management Technology (Intel AMT). This service runs on TCP/IP ports 16992 and 16993. Attackers can gain complete control over the PC through a password authentication flaw. Interestingly, some peripherals, such as the mouse and keyboard, can be controlled even when […]
Top Attacking Countries: April 2017
From Wordfence’s monthly summaries:
Two PHP and WordPress Security Tips
If you have file transfer access to your WordPress site, use a simple text editor and create a file called “.htaccess” that consists of the following lines. These are the most often exploited folders (wp-includes and plugins) within WordPress. The syntax differs between Apache 2.2 and Apache 2.4. Apache 2.2: Order Deny,Allow <Files *.php> deny […]
Security & Ambient Light Sensors
A couple of months ago I was reading a write-up about video camera drones that can fly outside a window and take pictures of a target’s blinking hard drive activity LED. Not that you can gain any useful information from that; but it can be used by hostile entities to see if a hack on […]
The Greatest Unsolved Mysteries
On the whimsical side, here’s a fantastic graphic illustrating the 10 greatest unsolved mysteries of all time!