Insights

  Last week, a toolkit was released, that based solely on results from Shodan, would automatically engage vulnerable devices around the world with exploit code.  A short time ago, right after the release of MIRAI, a fellow team member had developed some code that would scour the Internet, find devices using default credentials and automatically reset them.  We had a long discussion about the legality of using such code. His modification of the MIRAI botnet would scan the Internet for devices using default credentials and reset those credentials or shut down the device, all together. Essentially, it's the loose interpretation of walking around a neighborhood, breaking into homes, for the sole purpose of locking the windows. In that context, it's absolutely illegal. In theory, the intentions were in the right place. So, should a tool like AutoSploit be illegal?  I'm not entirely certain.  What I am certain of, is this…

Continuing a topic that we've discussed, ad nauseam.  Dealing with attacks and threats in 2018 will be much of a continuation of 2017.  We can expect that need to address both the continual advancement and innovation of attackers ways to compromise devices and exfiltrate data, but also the need to cover the "basics" of network security. With the systemic and ongoing resource and skills deficiencies, this issue isn't likely to be resolved in the near term. In order to get ahead of the curve, we have to approach these problems from a more deliberate course and action. In short, it's now a requirement to understand that we can't secure, "all the things".  We have to focus on what truly matters, develop actionable and automated processes of getting to that data, and letting that which truly doesn't matter... slide. With the focus adjusted to what is actually attainable, the following skills and…

Spectre and Meltdown are the names given to variations on a vulnerability that affects nearly every computer chip manufactured in the last 20 or so years. Unfortunately, the flaws can only be described as catastrophic in nature.In the first days of 2018, published research revealed that flaws arise from features built into chips that help them run faster, and while software patches are available, they have had impacts on system performance. In fact, it seems that the cure has been far more devastating than the actual vulnerability.Supporting this argument, SolarWinds has created other visualizations of its cloud post Meltdown/Spectre and most of the results are ugly. Throughput was down as much as 40 per cent on its Kafka rig, while CPUs spiked by around 25 per cent on Cassandra. In large environments, such as AWS, this is significant.Spectre and Meltdown are the names given to different variants of the underlying…