-
Vince Kelly commented on the post, Week 1 Update, on the site 5 years, 11 months ago
Thank you Jason. Completely understand and agree Jason – I guess its more a issue of quibbling/semantics. I don’t believe that dirtyc0w is a privilege escalation method at all, its simply a tool that can be used as part of privilege escalation – right? In other words, dirtyc0w itself doesn’t ‘do’ the privilege escalation any more than the C…[Read more]
-
Vince Kelly commented on the post, Week 1 Update, on the site 5 years, 11 months ago
Mark,
First, thank you for your service. Totally agree with your assessment. In addition, what was worrisome to me was the observation about exploits that fall outside of the orderly scanning and patching process – for example the iPhone leveraging a nearby accelerometer to detect what someone typed. I seem to recall several years ago…[Read more] -
Vince Kelly commented on the post, Week 1 Update, on the site 5 years, 11 months ago
good points. I wonder how long before the ramifications of having lax IoT security begin to manifest themselves in unexpected ways – Insurance companies refusing coverage to an company because it hasn’t upgraded it’s old SCADA controllers, 4th amendment issues with a law enforcement agency hacking into a driver-less car in order to determine…[Read more]
-
Vince Kelly commented on the post, Week 2 Update, on the site 5 years, 11 months ago
…follow-up to the initial story:
Pentagon reviews policy after fitness app reveals military locations
https://finance.yahoo.com/news/pentagon-reviews-policy-fitness-app-225200741.html“US Defense Secretary Jim Mattis has ordered a review of the [fitness tracking smart phone] situation”,
‘In a statement, the Pentagon said, “We take…[Read more]
-
Vince Kelly commented on the post, Week 3 Update, on the site 5 years, 11 months ago
sorry, it looks like this blogging software truncated the config file text (I guess ya get what you pay for;). Here is the cut & paste of the configuration file again:
”Centos7 VM for VboxVMLab NGNE Fundamentals
base VM NO Software Installed
user=xxxxxxxxxxxxxxxxxxxxxxxxxxx
password=xxxxxxxxxxxxxxxxxxxxxxxall openstack…[Read more]
-
Vince Kelly commented on the post, Week 3 Update, on the site 5 years, 11 months ago
…..posting the XML failed a second time. I think this el-cheapo blogging tool may be trying to interpret the XML statements – so you’ll have to check it out on your own or send me an email and I’ll reply with the text
-
Vince Kelly commented on the post, Week 3 Update, on the site 5 years, 11 months ago
Great post Sev – the key points were nicely laid out. The impression that I came away with after reading the paper was that the recommendations made in the SANS article seemed to me like they were preparing to ‘fight the next war using weapons and implements from the last war’ The document seemed to take a perspective more along the lines of…[Read more]
-
Vince Kelly commented on the post, Week 4 Update, on the site 5 years, 11 months ago
yes, just a Surface Pro 4. If you have Windows10 it comes with it. I did a write up on how to turn it on and configure VMs over the last couple of weeks – *EXTREMELY* easy to do and use!!!!
Obviously, all those .iso’s and VM files suck up a lot of disk space – but then you’ve got that problem anyway for any hypervisor,. I just didn’t want…[Read more]
-
Vince Kelly commented on the post, Week 4 Update, on the site 5 years, 11 months ago
Interesting post Shi, thanks. It seems like a bit of a stretch thought don’t you think? It assumes the malware can be planted and then happily just sit there regulating/manipulating the workloads without being detected?
I guess you never know:)
Good point on wireless – I seem to recall that several of the early versions of Wireless NIC’s…[Read more]
-
Vince Kelly commented on the post, Week 5 Update, on the site 5 years, 11 months ago
Guys,
I totally agree! it is outrageous what these companies get away with. To Jason’s (rhetorical) question “When will companies learn that the most important response to a security incident is transparency and strong communication to stakeholder?”That’ll happen on the day that it becomes too hard, expensive or too embarrassing not to…[Read more]
-
Vince Kelly commented on the post, Progress Report for Week Ending, February 23, on the site 5 years, 11 months ago
Interesting Zirui. The Slingshot article that I posted also uses its own memory resident virtual file system – although it doesn’t attack or use Windows based operating systems (so it doesn’t exploit WMI or PowerShell tools described in your article as a means of attack).
I guess that one implication here may be that pure signature based…[Read more]
-
Vince Kelly commented on the post, ICE 5.1 Telling a Story through Visualization, on the site 5 years, 11 months ago
agreed but that being said this is going to used to justify future consulting engagements for the rest of time! 😉 As everyone knows, these sorts of high profile incidents just keep the revenue flowing for consultants;)
-
Vince Kelly commented on the post, Week 14 Update, on the site 6 years, 6 months ago
agreed but that being said this is going to used to justify future consulting engagements for the rest of time! 😉 As everyone knows, these sorts of high profile incidents just keep the revenue flowing for consultants;)
-
Vince Kelly wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 6 months ago
Atlanta spends more than $2 million to recover from ransomware attack
. the attackers ‘only’ asked for $51K but the city of Atlanta ended up shelling out $2.7M for what ultimately became an unmitigated dis […]
-
Vince Kelly wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 6 months ago
This was originally taken from an article (below) on a product that Cisco had introduced that can determine if traffic is malware even if it is encrypted with over 90% accuracy.
The thing that I found […]
-
Vince Kelly wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 6 months ago
A combined contingent of law enforcement officials from the US, UK and Netherlands has shut down what was once deemed as the worlds largest contract DDoS service. The article describes how, for as little as […]
-
Vince Kelly commented on the post, Week 14 Update, on the site 6 years, 6 months ago
Atlanta spends more than $2 million to recover from ransomware attack
https://finance.yahoo.com/news/atlanta-spends-more-2-million-202000413.html
. the attackers ‘only’ asked for $51K but the city of Atlanta ended up shelling out $2.7M for what ultimately became an unmitigated disaster and cautionary tale about crisis management and the…[Read more]
-
Vince Kelly commented on the post, ICE 5.1 Telling a Story through Visualization, on the site 6 years, 7 months ago
Tech industry completes its standards for banishing passwords
https://www.engadget.com/2014/12/09/fido-alliance-publishes-specs/The FIDO Alliance (Google, Microsoft, PayPal, and others) have just published
a ‘password free’ standard that works with both single and two-factor authentication
and relies on the use of sign-in methods oth…[Read more] -
Vince Kelly commented on the post, Week 12 Update, on the site 6 years, 7 months ago
Tech industry completes its standards for banishing passwords
https://www.engadget.com/2014/12/09/fido-alliance-publishes-specs/
The FIDO Alliance (Google, Microsoft, PayPal, and others) have just published a ‘password free’ standard that works with both single and two-factor authentication and relys on the use of sign-in methods other t…[Read more]
-
Vince Kelly commented on the post, Week 10 Update, on the site 6 years, 7 months ago
Cisco’s Encrypted Traffic Analytics (ETA), which monitors network packet metadata to detect malicious traffic even if its encrypted, is now generally available.
I saw a demo of this technology a couple of m…[Read more]
- Load More