Latest Blog Posts

New ransomware as a service

I just got done reading an interesting article on ransmomware as a service. It got me thinking about just how creative criminals can be. I mean these guys not only created a program that can sneak onto your computer (usually with help from you by the way), find your precious files and encrypt them. Then…

How long will it take you to get hacked?

Today another company had a data breach, this time Maine General Health Center details on how the hack happened haven’t been released and it almost doesn’t matter. Well it definitely matters to them, of course, and to the patients affected. Luckily though it sounds like the amount of data is limited and doesn’t include Social Security…

Brute force attacking Basic Authentication with Burpsuite

Not that many sites nowadays probably still use Basic Authentication for their web sites, but some old sites or those “non-standard” web interfaces might. My Sony security camera at work does, for example, which is why I wrote this. Basic Authorization is, well, primitive. It uses Base64 encoding, which masks the password in a wireshark…

Extrahop

I had a chance last week to sit in on a demo of Extrahop Networks. The best way to think of it as “Splunk for network traffic”. If you are familiar with splunk it takes all sort of unstructured machine data and lets you report on it, see trends, create alerts and basically make sense…

TwitterFacebookGoogleLinkedInEmail