Avoiding Detection – Obfuscation the Criminal Game

Reading the Oversitesentry 30 Security Analysis posts, I was struck by the recurring theme of detection avoidance: obfuscation is the name of the criminal game. Specifically: Rapid7’s blog post¹ on how attackers evade SIEM (Security Information Event Manager) and the interesting post by Drops² about obfuscation by Windows programs that run in the 64-bit …

TORA! TORA! TORA! Pearl Harbor 74 years ago!

Although December 7th marks another year gone by for remembering the Pearl Harbor attack in 1941 (74 years ago), I want to focus on the surprise attack angle. Tora Tora Tora トラ・トラ・トラ is the Japanese codeword meaning “We have achieved complete surprise”. A translation is Tiger. Tora (Tορα) is translated to “now” from Greek. Torah …

Internet Insecure Without TLS

The latest shoe to drop for Internet security? http://lgms.nl/blog-2 Luc Gommans, a student at Roermond, Netherlands (although he is also working at HBO Software Engineering and Cyber Security), has put together a test for the most basic connection of the Internet… a TCP handshake test. He goes on to explain a Man in the …

ChipAndPin Technology hacked – Breaches Only a Matter of Time

Samy Kamkar is at it again: http://www.net-security.org/secworld.php?id=19155 Samy Kamkar is a unique hacker, as he hacks with small hardware devices such as his previous device OpenSesame (opens garage doors): http://oversitesentry.com/hackers-find-ways-to-attack/ My last post was to explain the process of hacking a bit, which Samy uses to just figure out a way to do things …