Mitre has a nice article on how thin client technology with Secure Remote Peripheral Encryption Tunnels (SeRPEnT). Their image shows how a thin client can have a trusted connection to the server and thus have a trusted connection to the server. The article pushes thin clients and as we all know thin clients can … Read more
Brian Krebs broke the story again, since he reviews the bank fraud channels, as well as the crook channels in Russia and elsewhere at times. Tripwire has a good video that explains how the cards are sold – it is a company which creates many IT security products. I have used Tripwire File Integrity and … Read more
Internet Storm Center discusses the month of CSAM false positives: ” The HUGE problem with this is false positives and false negatives.” Fortinet Blog post discusses the pressure on IT decision makers Wired story has Gonen Fink, the CEO of LightCyber, writing about how we need better products reviewing the false positives (a false positive is … Read more
A customer handed me a computer that was infected with Cryptowall 2.0 With this message: I cleaned the computer of the virus portion of the problem, but unfortunately as on many sites explaining this issue: http://www.bleepingcomputer.com/forums/t/552103/updated-cryptowall-20-ransomware-released-that-makes-it-harder-to-recover-files/ In the several guides on the Net, the best one in my opinion is this one: http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information I … Read more
Wednesday evening we ran a bash script command against a lab computer which was designed to be vulnerable Downloaded a system .iso file from http://www.vulnhub.com It is from the Pentester Lab section https://twitter.com/PentesterLab/status/515079459284594688 then started the computer (now I had a test lab computer system) Then ran the above command on a Kali Linux machine … Read more