-
Fraser G commented on the post, Week 2 Update, on the site 6 years ago
Mustafa-
Nice summary. One million file submission a day for Virus Total. Seems kind of low to be honest. Is the idea to get everyone using some sort of open standard for virus comparison to keep them from spreading? If so I can get on board with that – would need to be able to scrub any sensitive data however or have a trusted authority to do this.
-
Fraser G commented on the post, Week 3 Update, on the site 6 years ago
These are really useful, thanks Freddy!
-
Fraser G commented on the post, Week 3 Update, on the site 6 years ago
Freddy-
Does the white paper mention anything about redundancy for storing logs? On site sounds great but I would think having another copy is important. As we have learned in this program, malware and attackers will overwrite logs to hide suspicious activity.
And how about logging access to the logs? I need to read this white paper.
-
Fraser G commented on the post, Week 7 Update, on the site 6 years ago
Satwika-
Thanks for putting this up however I am not able to open it – some WRF file format that isn’t recognized.
What do you use to open these?
-
Fraser G commented on the post, Progress Report for Week Ending, February 23, on the site 6 years ago
I just tried with Webex player and didn’t have any luck with that either.
-
Fraser G commented on the post, Week 11 Update, on the site 6 years ago
In addition I would recommend checking hashes when downloading software and updates if possible!
Does anyone know of a good tool do automate this kind of thing?
-
Fraser G commented on the post, Week 11 Update, on the site 6 years ago
Interesting article and great slide deck. Worth checking out the video from his Defcon talk: https://www.youtube.com/watch?v=lZ8s1JwtNas
Thanks for sharing this.
-
Fraser G's profile was updated 6 years, 2 months ago
-
Fraser G commented on the post, Week 11 and 12 Presentations, on the site 6 years, 7 months ago
Another big data leak, this time from Delta. How are the security teams not scrambling at these orgs to find vulnerabilities and fix/patch them? It’s getting to the point where we as consumers don’t really have a choice when using some of these services,…[Read more]
-
Fraser G commented on the post, Presentations for Week 9 and 10, on the site 6 years, 7 months ago
FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign
FBI: IRANIAN FIRM STOLE DATA IN MASSIVE SPEAR PHISHING CAMPAIGN
I don’t often hear about the Iranians using cyberwarfare on the offensive. Usually its the Russians, Chinese or North Koreans or any number of others. I would like to talk to someone in…[Read more]
-
Fraser G commented on the post, Presentations 3 and 4, on the site 6 years, 7 months ago
https://thehackernews.com/2018/02/unlock-iphone-software.html
Cellbrite apparently found a way to unlock any phone currently in use, including the iPhone X. Interesting to note that they sell these services to law enforcement authorities. The FBI is still trying to drum up public support for disabling encryption…. even though they already…[Read more]
-
Fraser G commented on the post, Progress Report for Week Ending, September 29, on the site 6 years, 7 months ago
Surprise surprise, another Adobe Flash vulnerability is found. How long until this dinosaur dies?
-
Fraser G commented on the post, Week 14 Update, on the site 6 years, 8 months ago
“The “unpatchable” exploit that makes every current Nintendo Switch hackable ”
Thought this was interesting, as game console manufacturers have unique challenges for preventing privacy. The Nintendo Switch uses an Nvidia Teg…[Read more]
-
Fraser G commented on the post, Week 13 Update, on the site 6 years, 8 months ago
Piercing the Veil: Server Side Request Forgery to NIPRNet access
Interesting story of a White Hat breaking into NIPRNET, which is the Dept. of Defense’s secure (?) private network using a server side request forgery vulnerability…[Read more]
-
Fraser G commented on the post, Week 12 Update, on the site 6 years, 8 months ago
I enjoyed our experience over the past week with Google Cloud. Overall my pros and cons list includes:
Pros:
1) Great UI and UE, coming from ESXI experience it’s got way more functionality and ease of use.
2) Provisioning is super quick and easy. We had to recreate a MS Server as a host and it was up in less than 5 minutes ready to…[Read more] -
Fraser G commented on the post, Week 11 Update, on the site 6 years, 8 months ago
Interesting article and great slide deck. Worth checking out the video from his Defcon talk: https://www.youtube.com/watch?v=lZ8s1JwtNas
Thanks for sharing this.
-
Fraser G commented on the post, Week 11 Update, on the site 6 years, 8 months ago
In addition I would recommend checking hashes when downloading software and updates if possible!
Does anyone know of a good tool do automate this kind of thing?
-
Fraser G commented on the post, Week 11 Update, on the site 6 years, 8 months ago
Fake Software Update Abuses NetSupport Remote Access Tool
This article details an attack that uses remote access tools (RAT) which are spread using javascript and fake updates masquerading as legitimate sites – chrome, adobe…[Read more]
-
Fraser G commented on the post, Week 09 – Update, on the site 6 years, 9 months ago
https://cyber.schillingspartners.com/mining-mimecast-brute-forcing-your-way-to-success/
MINING MIMECAST: BRUTE FORCING YOUR WAY TO SUCCESS
This was a fascinating post written by a black hat hacker who was able to to farm sensitive information from organizations across Europe. Mimecast is a European security org that focuses on email. One of…[Read more]
-
Fraser G commented on the post, Week 7 Update, on the site 6 years, 9 months ago
https://blog.cloudflare.com/the-root-cause-of-large-ddos-ip-spoofing/
This is a nice overview of the recent large scale DDOS attacks (github) that we discussed in class. This is from Cloudflares perspective and gives extra insight into how the attack was launched and mitigated. Worth a read.
- Load More