BlackHat Presentation: WMI Architecture Used to Attack

Presentation on Microsoft’s WMI (Windows Management Instrumentation) by Matt Graeber at BlackHat 2015: https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf You can easily see from the diagram that WMI is integral to Windows technologies. Matt goes on to create PowerShell code which queries all WMI classes and namespaces. Some class paths that I found interesting: CIMV2:Win32_BIOS, CIMV2:Win32_AllocatedResource and more. PowerShell seems to …

Tora! Tora! Tora! Pearl Harbor in #Cyberspace

As we prepare for the next attack (also waiting for BlackHat 2015) I remember the Pearl Harbor movie: TORA! TORA! TORA! (1970 classic). Tora Tora Tora (トラ・トラ・トラ) is the Japanese codeword meaning “We have achieved complete surprise”. A translation is Tiger. Tora (Tορα) is translated to “now” from Greek. Torah is the law in Hebrew, or better known as the …

How Much $ & Time Focus on Security?

2 Wired articles: http://www.wired.com/2015/07/senate-bill-seeks-standards-cars-defenses-hackers/ http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ The articles discuss how one industry is using the new Internet-connected services and devices to give more functionality to their customers. That’s great, right? So what did 2 researchers do in 2011? They connected a laptop and controlled the car through the diagnostic connector. The auto industry laughed at …

DDoS Attacked HotSchedules - Down For 45 Hrs

http://www.darkreading.com/cloud/inside-a-vicious-ddos-attack/a/d-id/1321286 has the full story; it is worth your time to read it. The technical overview by the CEO is the following (from article): { The assailants hit with 10- to 15 gigabytes per second (Gbps) of traffic – 250 times our standard rate. When I called my peers in banking and …

Is Your “Cloud” Safe From Cross-Tenant Side-Channel Attacks?

The X-Force Blog has a good post about Platform as a Service (PaaS) cloud (#28 in Security analyzed page): http://securityintelligence.com/platform-as-a-service-paas-cloud-side-channel-attacks-part-ii/#.VZq8NflglmM Platform as a Service is a certain kind of cloud service. In some cloud services your data resides on machines dedicated to your company (IaaS, Infrastructure as a Service). In PaaS …