Rendition Infosec completed a new scan overnight for DOUBLEPULSAR scans and the number of infections continues to rise, though only slightly. For liability reasons, Rendition is not performing the vulnerability scan to determine vulnerable hosts. Rendition only communicates with hosts to determine if DOUBLEPULSAR is present on a machine. At this time, Rendition is only scanning for the […]
Archive | April, 2017
DOUBLEPULSAR Infections On The Rise
DOUBLEPULSAR Shadow Brokers UncategorizedAs you have probably heard, a group known as the Shadow Brokers released a large cache of Windows tools and exploits. One of the exploits installs a kernel mode implant known as DOUBLEPULSAR. There have been several good articles written on DOUBLEPULSAR already, so I won’t detail repeat that work here. Several of the Windows […]
The “Digital Geneva Convention” – without attribution, it’s smoke and mirrors
Cyber Attribution Cyber Policy / Law Cyber Threat IntelligenceMicrosoft released their idea of a “Digital Geneva Convention” to help normalize behavior on the cyber battlefield. The document, linked here, is generally well written and documents the need for a document of its type. The problems start by the second paragraph where a “Digital Geneva Convention” is compared to other non-proliferation treaties, such as those […]
Business impact of Shadow Brokers release of Windows exploits
UncategorizedOn April 14, 2017 the Shadow Brokers released another cache of files. This cache of files apparently contains the Windows tools and exploits hinted at in the January 8, 2017 directory listing of files, very few of which were released. Early reports indicated that the Windows files contained multiple zero day exploits. However, this was […]
Rendition InfoSec CEO Speaking At Central Ohio Infosec Summit
Press ReleasesRendition InfoSec CEO Speaking At Central Ohio InfoSec Summit Leading information security industry expert to speak on Healthcare Incident Response at top industry event. Augusta, Georgia – April 18, 2017 – Rendition InfoSec, the nation’s leading provider of information security solutions and consultation, today announced that company CEO and Principal Consultant Brandon McCrillis will be […]
Corporate Business Impact of Newest Shadow Brokers Dump
Cyber Attribution Cyber Threat Intelligence Hackers Hacktivism Shadow Brokers TableTop Exercises Threat ModelYesterday, the Shadow Brokers released the password for the encrypted zip file they seeded last year (link). This release gives threat intelligence teams unprecedented insight into the capabilities of the Equation Group Hackers. The dump appears to contain only Linux and Unix tools and exploits, so organizations running only Windows don’t need to react to […]
Rendition InfoSec Founder Jake Williams To Teach At SANS 2017
Press ReleasesRendition InfoSec Founder Jake Williams To Teach At SANS 2017 Leading information security industry expert to teach SANS Institute’s most advanced course, Advanced Exploit Development for Penetration Testers (SEC760). Augusta, Georgia – April 5, 2017 – Rendition Infosec, the nation’s leading provider of information security solutions and consultation, today announced that company founder Jake Williams […]
In Your Face – Securing Digital Displays
Digital Displays Hackers Hacktivism Threat ModelOn Monday, a large publicly visible art exhibit in Spain that normally shows projections of modern art displayed pornography for 45 minutes. Per this story (in Spanish), the taxi drivers who viewed the porn while waiting for riders at a nearby train station were thrilled (pun definitely intended), but most people were understandably not happy. The […]
Wikileaks and the Marble Framework
Cyber Attribution Cyber Threat Intelligence WikiLeaksThis week, Wikileaks released CIA’s Marble framework. As Rendition Infosec works with many organizations on security and threat intelligence, we have been fielding calls asking what the release means for businesses. WikiLeaks suggests that the Marble framework can be used to confuse analysts into attributing CIA malware to Russia or China. Many of our customers […]