FireEye new report -APT28 coming from Russian government

FireEye report and what is in it: This report says what we knew – a major attack vector is coming from Russia. Russia  is attacking us and others  (East European interests) the first takeaway is the very targeted nature of an attack on the Georgian journalist covering the Caucasus. The email claimed to originate from … Read more

What is Risk level regarding IT Security concerns?

How does IT Security rank with respect to other company risks? There are always risks in life for individuals, and so there are risks for companies  as well. In IT risk revolves around data protection (Denial of Service as well as network or equipment failures), continuity of service, preventing IT security breaches, PC life cycle … Read more

Patch your cisco routers

This is a fix to a long outstanding remote code execution bug – post from Threatpost Dennis Fisher discusses the basics of this issue this is a bug from 2011 (sic) and could cause someone to access your older Cisco router pax-pentest.com has a list of the telnet Metasploit payloads Here are the relevant entries: … Read more

My IT is outsourced – I don’t worry about security

Recently I had a discussion with an executive, and he said he outsourced his IT functions, so I don’t have to worry about it anymore.  Is that right? So i searched for a theoretical talk… —————————————————————————————————————————- Black hat 2014 had several talks about Cyberspace security – Jason Healy discussed how to save Cyberspace SEP = … Read more

Escalation Privilege threats – What’s the big deal?

Mitre has a nice article on how thin client technology with Secure Remote Peripheral Encryption Tunnels (SeRPEnT). Their image shows how a thin client can have a trusted connection to the server and thus have a trusted connection to the server.     The article pushes thin clients and as we all know thin clients can … Read more