Category: Exploits & Attacks

May 13th, 2017 by John

Microsoft released patches for legacy systems affected by WannaCrypt attacks.

Customer Guidance for WannaCrypt attacks

Posted in Exploits & Attacks, Infosec

April 20th, 2017 by John

Home | The Security Cards: A Security Threat Brainstorming Kit

The University of Washington has developed a set of 42 playing cards for modeling security and privacy threats. The cards encourage you to brainstorm about potential threats along 4 dimensions:

  • HUMAN IMPACT
  • ADVERSARY’S MOTIVATIONS
  • ADVERSARY’S RESOURCES
  • ADVERSARY’S METHODS

You may print the cards yourself or request them from the university.

Posted in Cool-Stuff, Exploits & Attacks, Infosec

April 19th, 2017 by John

In an interesting turn, Hajime is a vigilante-style project intended to disrupt Mirai and similar IoT botnets.

Posted in Criminal, Exploits & Attacks, IoT

April 19th, 2017 by John

The Shadow Brokers Leaked Exploits Explained | Rapid7 Community and Blog

The Shadow Brokers released nation-state NSA exploits and Rapid7 researchers explain what this means in a concise article, worth a read.

Posted in Criminal, Exploits & Attacks

April 19th, 2017 by John

Posted in Criminal, Exploits & Attacks

April 14th, 2017 by John

Think about it. We’ve been sending spacecraft into orbit and beyond for 50 years. Information security was not a primary concern. Many of these systems are IoT devices, in practice, and they won’t all have strong authentication processes or be updatable, so what is the impact if someone hacks a NASA probe? NASA chief has big concerns.

Posted in Exploits & Attacks, IoT