Telecom Tidbits
Jared's Network and Security Blog
  • Home
  • Telecom Corner
  • About
  • Contact
  • Donate
  • Site Index
  • Links

Top Attacking Countries: October 2017

November 15, 2017 Jared Hall General No Comments

The top three countries countries are Russia, United States, and China. Russia remains at #1. China moved back up to #3. September 2017’s report can be found here.

More

Exploiting Virtual Machines with RAM Row-Hammer Attacks

November 15, 2017 Jared Hall General No Comments

A “Row-hammer” attack exploits a physical problem that exists in RAM where an attacker can actually cause bit-flips in DRAM memory.  This has already been exploited and attacks successfully gained kernel privileges.  Researchers have taken this a step further and, by exploiting a Host kernel feature known as “memory de-duplication”, can flip bits in a controller […]

More

BOLO: IcedID Banking Trojan/Emotet Trojan

November 14, 2017 Jared Hall BOLOs No Comments

A unique banking trojan called IcedID is hitting businesses throughout the US and Canada. In most implementations, IcedID is being bundled with another Trojan called Emotet and delivered via spam Email of infected Word documents. What makes IcedID unusual is that it propagates through a business network.  It sets up a Command and Control channel […]

More

The Cyber Kill-Chain: Revisited

November 12, 2017 Jared Hall General No Comments

The Nay Sayers Trolling through articles released this week, I came across a review of Lockheed Martin’s “Cyber Kill Chain” that was written by CSO Online: https://www.csoonline.com/article/2134037/cyber-attacks-espionage/strategic-planning-erm-the-practicality-of-the-cyber-kill-chain-approach-to-security.html on 11/7/2017.    I found the article to be somewhat disingenuous.  The CSO Online article was more of a rehash of a Dark Reading article: https://www.darkreading.com/attacks-breaches/deconstructing-the-cyber-kill-chain/a/d-id/1317542? written on 11/18/2014.  “We’re not afraid to […]

More

Office 365: Lackluster Anti-Spam/Malware Performance

November 10, 2017 Jared Hall General No Comments

I came across this article in Dark Reading: https://www.darkreading.com/cloud/office-365-missed-34000-phishing-emails-last-month/d/d-id/1330282? As indicated in the post, this is based on the standard Exchange Online Protection (EOP) services offered by Microsoft, not Advanced Threat Protection (ATP). I currently run two manage much smaller Email systems for two ESPs.  I’ve always worried about anti-spam measures, trying to be effective, without too […]

More

Oh Brother (printers): Denial-Of-Service

November 9, 2017 Jared Hall General No Comments

Brother printers that are connected to a network are vulnerable to a Denial-Of-Service (DOS) attack through the printer’s embedded web server (called “Debut”). Of course, the attacker must have the ability to access the printer’s Web Server. No Brother printer should be exposed to the Internet.  You should also put Brother printers on their own […]

More

Divorce eSecurity: Practical Electronic Security

November 8, 2017 Jared Hall General, Internet Security No Comments

Author: Jared Hall Revision: 1.1 URL: https://www.jaredsec.com/2017/11/08/divorce-esecurity/ Original Date: 11/11/2010 Revision Date: 11/07/2017 Introduction Separation or divorce is never a good thing.  In the case of contested divorces, where the split of assets is complex, the same passion which once brought you and your partner together is often negatively directed to tear each other apart. This […]

More

John Kelly’s Cell Phone Hack

November 2, 2017 Jared Hall Humor, Spy vs. Spy No Comments

Politico ran a story on the personal cell phone belonging to White House Chief of Staff, John Kelly.  It turns out that it was hacked sometime in December of 2016.  He’d been using and fiddling with it up until September 2017, when he finally gave it to staffers to figure out why he couldn’t get […]

More

Humor: Problem Solving Flowsheet

November 2, 2017 Jared Hall Humor No Comments

This is an “off-color” comic that any engineer or technician is familiar with.  This was popular back in the 80’s and is still funny today.  I remember seeing a variant of this circulating around DSTE (Digital Subscriber Terminal Equipment) and Crypto maintenance techs back in my old Air Force days. Alas, many a unit could […]

More

WordPress Update

November 2, 2017 Jared Hall General No Comments

There is an issue with $wpdb->prepare() that can lead to unsafe queries and SQL Injection attacks.  This does not occur with WordPress core, but can affect add-on plugins and themes. If you do not have Automatic Updates enabled, please download the new release as soon as possible.  The WordPress bulleting is here: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/

More

«‹ 2 3 4 5 ›»

Tools & Downloads

Download Center

Categories

Good Reads (PDF)

Recent Posts

  • A Pathetic Defense of Julian Assange
  • Damned if you do. Damned if you don’t.
  • ProtonMail? Not Worth an Electron!
  • Give it a REST: Serious WordPress Bugs
  • Hardening the Apache Webserver

Donate

$
Select Payment Method
Personal Info

Donation Total: $20.00

↑

  • Home
  • Telecom Corner
  • About
  • Contact
  • Donate
  • Site Index
  • Links
Temporal Based Intelligence © 2017