Mar 5, 2018 | Brief
Widespread SSL Certificate Revocation Disrupting Internet Transport Encryption with Further Disruption Planned for April and October On Wednesday, Trustico (a Symantec reseller) triggered the revocation of roughly 23,000 SSL/TLS certificates, in advance of April and...
Feb 26, 2018 | Brief
Increased attacker focus on exposed cloud services, specifically AWS Simple Storage Service (S3) Buckets Issue Amazon’s cloud-based Simple Storage Service Buckets, colloquially referred to as “S3 Buckets”, have been a recent focus of attackers and security...
Feb 20, 2018 | Brief
Theft of Newtek domains is a reminder to stay vigilant Issue Last week a web services company (Newtek) responsible for hosting over 100,000 e-commerce based websites and email servers had three of its core domains stolen. These domains originally hosted software...
Feb 12, 2018 | Brief
Smart devices add exposure and threat during a breach and are a source of intelligence and forensic data during incident response. Issue A common challenge in any incident response is figuring out how access was gained, which vulnerability or exploits were used, and...
Feb 5, 2018 | Brief
Strava heatmap exposes sensitive military bases invokes the law of unintended consequences. Issue Something as innocuous as a running application paired with cloud access and GPS location data allowed users to identify sensitive military and government bases and...
Jul 17, 2017 | Brief
Kaspersky anti-virus removed from two GSA Schedules Kaspersky Anti-Virus (AV) has been removed from two GSA (Government Services Administration) schedules, due to concerns that the Kremlin may use Kaspersky products to compromise US Government computers. A commonly...
