Well, here is the NSA document that Reality Winner sent off to The Intercept and sacrificed her job and freedom for. A locally cached copy is here. The document details a successful Russian hack back in August of 2016. Russia’s military intelligence agency, GRU, attacked a voter roll software company called VR Systems. The information […]
A Funny Sign of Our Times
Having some fun with Visio and some Talking Heads. Enjoy!
BOLO: PowerPoint Order/Invoice Exploit
This is another Office document infection that can occur without the benefit of Macros. The active malware associated with this exploit is called “Zusy” and affects Microsoft PowerPoint. The infection occurs when the mouse is moved over (Mouse-Over) a warning hyperlink. PowerPoint inexplicably invokes PowerShell, allowing the exploit to install. When the user opens […]
Top Attacking Countries: May 2017
No change in the Top 4 countries on the list from WordFence’s April summary:
Foscam: A Chinese Disaster
Foscam, a Chinese manufacturer of IP Cameras, is a good example of what’s bad with the Internet of Things. They also demonstrate that low-cost *is* low-security. If you have a Foscam product, you might as well put a sign up saying, “Hack Me. I don’t care.” F-Secure released a report earlier this week detailing […]
Google Chrome 59 Released
On Monday, 6/2/2017, Google released a new version of their Chrome browser, version 59. It fixes 30 bugs in all, 5 of them of High priority. Google shelled out $23,500 to external researchers as part of their Bug Bounty program. Here are the particulars: https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html Upgrading is pretty easy. Click on the three vertical […]
‘Twas a Three Dog Night
So it came to pass, back in my old Timeplex days, that I was conducting an evaluation of the new Quad Synchronous Port (QSP) modules. In the Link family of multiplexers, it was the first use of ASICs (Application Specific Integrated Circuits), so DIP switches and FPGAs (Field Programmable Gate Arrays) were eliminated. The product […]
SAMBA Bugs: Is Your NAS Updated?
Samba is the Server Message Block protocol implementation on Unix boxes. There have been a couple of exploits that the Samba group has fixed, including the Unix equivalent of the EternalBlue exploit used in the recent WannaCry(pt) ransomware attacks. As per CVE-2017-7494, April 4, 2017: “Samba since version 3.5.0 is vulnerable to remote code execution […]
BOLO: FireBall Browser Malware
Checkpoint Software Technologies reported an outbreak of browser-based Malware called “FireBall”. This malware delivers unwanted ads and popups and completely takes over your web browsers. It was created by the Chinese advertising company, “Rafotech”. FireBall gets installed as a bundle from other legitimate programs downloaded from the Internet. However, it has a great deal […]
HIPAA: Ransomware IS a Breach
Effective June 11, 2016, HHS issued new rulings regarding Ransomware. Previously, since breach of PHI could not be ascertained in Ransomware infections, reporting was not necessary. With the new rule changes, Ransomware reporting is mandatory. The HHS findings can be found here: https://www.hhs.gov/sites/default/files/RansomwareFactSheet.pdf Methodology on Report Filing can be found here: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf The […]