Archive by Author

DHS orders DNS security for federal agencies

DHS has ordered that federal agencies must update the security of their DNS, all while the government shutdown continues. The move is in response to reports from FireEye and Talos that attackers have been compromising DNS and using that access to issue fraudulent TLS certificates. During incident response engagements with Rendition Infosec customers, we have […]

Jonathan Ham Joins Rendition Infosec

Today, we are proud to announce that Jonathan Ham is is joining Rendition Infosec as our new Threat Hunting Operations Lead. Jonathan is a network forensics and defensive cyber operations expert with more than two decades of experience in the field. Jonathan literally wrote the book on network forensics (as well as the first mainstream […]

51% Attack on Ethereum Classic

Discussing 51% Attacks on Blockchain Applications In this webcast, we discuss the 51% attack on the cryptocurrency Ethereum Classic. There are multiple concerns when implementing a blockchain that come from any decentralized proof of work platform. We strongly advise clients to consider the following before deploying a blockchain solution: Do you benefit from having a […]

Equifax Report Demonstrates Why Culture Matters

According to the Congressional report on Equifax, a root cause of the breach was that Equifax moved the IT security team out from under IT due to “fundamental disagreements.” Although this is highlighted as a shortcoming in the report, in my opinion, this is misguided.  In the vast majority of organizations, infosec shouldn’t be under […]

Super Micro Hardware Backdoors

Today, Bloomberg published an article claiming that at least some Super Micro motherboards contained hardware backdoors. While we don’t have any inside information, we’ve been fielding several calls from clients about actions they should take and wanted to expand our thoughts on this outside our existing customer base. To begin, it’s important to note that […]

Facebook Breach Webcast

Today Rendition Infosec presented a webcast on the Facebook API breach. We covered what we know and what we don’t about the breach up to this point. Note: the audio has a few issues. I apologize for some audio problems we had due to a user interface issue with our webcast provider. We’ve fixed it […]