New PCI Controls and What You Should Know

February 07, 2018 | By:

It is finally here: the forward-dated controls that have been in existence since the release of version 3.2 of the PCI Data Security Standard, from April 2016. Hopefully, by now, you have had a chance to review them, but if you haven’t we are going to take a deep dive on each of the new…


FBI strengthens crackdown on darknet drug dealing, Featuring Alex Hamerstone – FoxNews.com

February 01, 2018 | By:

The only place to buy illegal drugs used to be on street corners, or through a local dealer. Police and undercover agents would set up sting operations, or force buyers to turn in their local dealer. Now, the drug dealing business has moved online – prompting law enforcement officials to navigate the dark web to crack…


Public Release of Hate_Crack – Automated Hash Cracking Techniques with HashCat

February 01, 2018 | By:

Today we are releasing hate_crack to unleash the power of hashcat to the community. Unless you’re deeply into hash cracking, you most likely aren’t aware of the several different attack modes built into hashcat, such as: Mask Attack Fingerprint Attack Combinator Attack Hybrid Attack Martin Bos covered several of these attacks in a previous post,…


Very high level of confidence’ Russia used Kaspersky software for devastating NSA leaks, Featuring David Kennedy – Yahoo Finance

January 15, 2018 | By:

Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers. “That’s a Russian intelligence operation,” a former senior intelligence official,…


Local cybersecurity company warns of flaws in the phone, tablet, computer you’re using right now, Featuring Alex Hamerstone -News 5 Cleveland

January 08, 2018 | By:

There’s a good chance the phone, tablet or computer you use has a computer chip flaw that’s opening you up to hackers. The recent announcement of more than a billion devices being susceptible sent 5 On Your Side Investigators into action. We tracked down a company in our backyard designed to help stop the bad…


Linus Torvalds Is Not Happy About Intel’s Meltdown and Spectre Mess, Featuring Alex Hamerstone – Gizmodo.com

January 08, 2018 | By:

Famed Linux developer Linus Torvalds has some pretty harsh words for Intel on the fiasco over Meltdown and Spectre, the massive security flaws in modern processors that predominantly affect Intel products. Meltdown and Spectre exploit an architectural flaw with the way processors handle speculative execution, a technique that most modern CPUs use to increase speed. Both classes of vulnerability…


Meltdown & Spectre Fixes Arrive—But Don’t Solve Everything, Featuring Alex Hamerstone – Wired.com

January 06, 2018 | By:

This week, a pair of vulnerabilities broke basic security for practically all computers. That’s not an overstatement. Revelations about Meltdown and Spectre have wreaked digital havoc and left a critical mass of confusion in their wake. Not only are they terrifically complex vulnerabilities, the fixes that do exist have come in patchwork fashion. With most computing devices…


Welcome to 2018! A Meltdown and Spectre Run-Through

January 06, 2018 | By:

Welcome to 2018! It’s only been a few days into the new year and we already have newly named bugs, thanks to the Google Project Zero, Cyberus Technology, and the Graz University of Technology. Jann Horn, Werner Haas, Thomas Prescher, Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz, Paul Kocher, Daniel Genkin, Mike Hamburg, Moritz…


More Complex Intruder Attacks with Burp!

December 21, 2017 | By:

Recently I was performing an external penetration test, and there was not a lot of attack surface but there was a firewall device present with one of those browser based SSL VPN services. Without a lot to go on other than some usernames gathered from LinkedIn, this seemed like a door worth trying to force….


Episode 2.10 Is your keyboard listening? A different type of jailbreak, Grinch Bots Stealing Christmas? Chrome, and Red Team Architecture!

December 07, 2017 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Dave Kennedy, Ben Tenjamin, Geoff Walton, Chris Prewitt, Justin Bollinger