Yesterday, Google Project Zero announced that they discovered a campaign exploiting a wide range of iPhone models and iOS versions in the wild. Google shared details about the exploits and the malware, but little about the campaign itself. This may be to protect business interests or it may be to stop a panic of those […]
Archive | Uncategorized
Twas the night before infosec Christmas – 2018 Edition
Twas the night before Christmas and all over the ‘net, Not a creature was stirring except China hacking Tibet. The IPS were strung by the egress with care, In hopes that St WannaCry soon would be stopped there. The children were nestled all snug in their beds, While IoT devices mined the dreams from their […]
Equifax Report Demonstrates Why Culture Matters
According to the Congressional report on Equifax, a root cause of the breach was that Equifax moved the IT security team out from under IT due to “fundamental disagreements.” Although this is highlighted as a shortcoming in the report, in my opinion, this is misguided. In the vast majority of organizations, infosec shouldn’t be under […]
Facebook Breach Webcast
Today Rendition Infosec presented a webcast on the Facebook API breach. We covered what we know and what we don’t about the breach up to this point. Note: the audio has a few issues. I apologize for some audio problems we had due to a user interface issue with our webcast provider. We’ve fixed it […]
It’s 10pm, do you know where your API keys are?
Yesterday, the social media archival service Timehop announced that they had suffered a breach. The service allows users to look back through their social media feeds to see what was happening last year for instance. In order to facilitate this, Timehop stores API keys for users’ social media accounts. Timehop did a great job disabling […]
ICE Subpoenas Information About Infosec Researcher
Yesterday, Zack Whittaker from ZDNet published a story about ICE attempting to gain information about a Twitter user who publishes information about data left exposed on the Internet. This is likely about export control regulations, but even if so, it is precedent setting. In this post, I share some thoughts on how this may change […]
Infosec Advent Challenge #14 posted – Linux syslog analysis
We’ve posted the 14th challenge in the “Infosec Advent” series. This one is a Linux server intrusion case. You get syslog and auth.log. Unfortunately that’s all that was being forwarded. We have some Linux syslog and authentication logs download here. Download and analyze the logs for signs of intrusion. Based on the log data, let us […]
Rendition Infosec Enters Into Strategic Partnership With Cybereason
Leading information security firm to tap Cybereason’s vast experience and expertise in endpoint detection and response. Augusta, Georgia – October 3, 2017 – Rendition Infosec, the nation’s leading provider of information security solutions and consultation, today announced that the company has partnered with Cybereason and that the company will immediately begin providing Cybereason’s industry […]
An important consideration for “bug bounty” programs
The US DoJ recently released guidance on running vulnerability disclosure programs (aka bug bounties). The document is nothing earth shattering, but does provide some free advice to organizations considering such programs. Rendition’s advice to organizations considering a bug bounty program? Think VERY carefully about how it will impact your monitoring and detection strategies. People looking […]
Is Kaspersky “inappropriately removing” files?
In a Reuters article yesterday, former FBI employees commented on the case investigating Kaspersky and reported a serious allegation against the Russian antivirus giant. According to the article: Two former employees and a person briefed on the FBI case told Reuters that Kaspersky software has at times inappropriately inspected and removed files from users’ machines […]