Quantcast
Channel: The State of Security » Ken Westin
Browsing all 23 articles
Browse latest View live

Low Cost Open Source Wireless Hacking – HackRF Jawbreaker

I sat down with Jared Boone a local Portland hardware hacker to discuss HackRF, an open source project he has been working on with Michael Ossmann funded by DARPA. The combination of open source...

View Article



Penetration Testing with Smartphones Part 2: Session Hi-Jacking & ARP Spoofing

In the first part of this series “Penetration Testing with Smartphones Part 1” we covered several network and vulnerability scanning applications that can be run from a smartphone. In this section we...

View Article

The Infosec Dunning–Kruger Effect: Confidence vs. Overconfidence

A key message at Tripwire moving into the next year is around true confidence. Confidence in IT security posture and information security’s position in the business. While reading Price Waterhouse...

View Article

10 Signs You’ve Been Working In Information Security Too Long

When your mom calls you ask her three security questions to verify her identity Your pet’s name consists of at least 20 characters and contains a mix of numbers, uppercase letters, and at least one...

View Article

Sneakernets Never Say Die: Power Plants Infected with USB Malware

A few days ago the State Department made public in a report that multiple power plants in the United States were affected by USB based malware during the beginning of October 2012. One of the plants...

View Article


Security Visualization: Meaning From Chaos

One thing I love about information security is its beautiful complexity, a complexity that calls upon multiple disciplines and requires both technical skills and creativity to solve real-world...

View Article

Security Visualization: AfterGlow Cloud

One of the leading thinkers in the realm of security visualization is Raffael Marty, he literally wrote the book on the topic.“Applied Security Visualization” was published in 2008 and the material is...

View Article

South Korean Attack & Malware Analysis

On March 20th an attack that brought down three major media broadcasters and at least two financial institutions computer systems in South Korea was launched.  The Red Alert team which is part of NSHC...

View Article


Mobile Antivirus: FUD, Fact and Fiction

Is mobile antivirus just a myth?  I would say it is more of a “legend,” where facts have been distorted, or exaggerated to craft a more sensationalistic story. A true “antivirus” for mobile devices is...

View Article


Twitter Y U No Offer Two-Factor Authentication?

The power 140 characters can have was felt again today.  The Associated Press had their Twitter account hacked and a fake tweet was posted, stating the White House had been attacked and that President...

View Article

Security Visualization: VideoLAN DDoS Visualized As A Game of Pong

VideoLan was the target of a recent DDoS attack with more than 200 requests per second hitting their systems at 30Gbps. VideoLAN is experiencing a major DDOS attack targeting its mirrors...

View Article

LivingSocial Hacked – 50 Million Records Compromised

It is being reported that LivingSocial has had a substantial data breach affecting 50 million customers. The known scope of the data compromised at this time includes names, email address, birth dates...

View Article

U.S. Dam Data Breach and NERC CIP Standards

United States intelligence agencies have uncovered a data breach that targeted and compromised the  U.S. Army Corps of Engineers’ National Inventory of Dams (NID) starting back in January. The database...

View Article


Game of Pwns: Syrian Electronic Army and Information Warfare

The Syrian Electronic Army has claimed another victory by defacing the Financial Times website as well as several Twitter accounts run by the news organization. The group has had a run of luck recently...

View Article

Securing WordPress: Hardening Basics

WordPress has become one of the leading blog platforms, and many small to medium sized businesses even utilize it as their content management system. WordPress is available as a one-click install with...

View Article


NSA and FBI Access to Verizon Phone Records

It is being reported by The Guardian that the NSA has been collecting phone records on millions of Verizon customer in the United States under an order by the Obama administration. The FBI was  granted...

View Article

Analysis of Korean War Anniversary Cyber Attack and Malware

In both North Korea and South Korea, several websites were defaced and brought down via a DDoS attack on the anniversary of the start of the Korean War. The Red Alert (R3d4l3rt) team in South Korea...

View Article


Carberp Botnet Lifecycle Infographic

Last week the source code for the “Carberp” botnet creation kit  was posted online and released to the masses creating a huge problem for security teams around the world. Carberp is sophisticated,...

View Article

AT&T Privacy Policy Change Risks and the De-Anonymization of Data

AT&T recently modified their privacy policy where they will be selling aggregated data of their subscribers usage information for marketing purposes. This is following in the footsteps of other...

View Article

There is a Lot More to Metadata than You Know

We have been hearing a lot about metadata the last few months thanks to the revealing of NSA surveillance tactics and partnerships. Many have stated “it’s only metadata.” however there is a lot more to...

View Article
Browsing all 23 articles
Browse latest View live




Latest Images