KRACK or Key Reinstallation Attack is a vulnerability in the WPA2 wireless security protocol. The majority of wi-fi network implementations at this time are vulnerable to this attack as it exploits the protocol itself and not any specific brand or solution. As a whole, KRACK is focused around clients more than it is on APs, however, both need to be appropriately updated to avoid the vulnerabilities that make up KRACK. Do not change to different encryption schemes as opposed to maintaining an already stable implementation of WPA2, as it is still more secure than WEP or WPA despite this vulnerability.

If you haven’t heard already, Equifax one of the “big-three” U.S. credit bureaus has announced a data breach that may have affected 143 million Americans, including consumer Social Security numbers, birth dates, addresses and some driver’s license numbers. For a good rundown of what has transpired so far, Krebs on Security has a solid in-depth article on it here. Every time there is a breach in the news, most other outlets swarm to a few different types of articles. Some popular directions are attribution, defense advice, or sensationalist journalism.

What is ANGRYPUPPY?

ANGRYPUPPY is a tool for the Cobalt Strike framework (@armitagehacker), designed to automatically parse and execute BloodHound attack paths. ANGRYPUPPY was partly inspired by the GoFetch (https://github.com/GoFetchAD/GoFetch) and DeathStar (https://github.com/byt3bl33d3r/DeathStar) projects, which also automate BloodHound attack path execution. ANGRYPUPPY uses Cobalt Strike’s built-in lateral movement capabilities, and the credential-stealing capabilities of its agent, beacon.

Is Your Collection Agency Business Secure From a Cyberattack?

Essential Infrastructure in Peril 

Critical infrastructure industries are a required foundation for a functional society. Without these sectors, vital services and products are unavailable. Health care, finance and manufacturing are three examples of markets that fall under this designation. The huge shortage of personnel with cybersecurity skills puts this essential infrastructure in peril. The demand for these experts is higher than the supply, making it difficult for organizations to appropriately protect themselves from cybercriminals. In the United States, only 66.7 percent of employer demand is met. It's even worse in other countries, with Israel only filling 28.4 percent of demand. 

We often hear from prospective clients that they have a third party perform external penetration testing every year, and it never finds anything serious, so if the attackers can’t get in from the outside, why bother testing anything else? At first, the logic seems sound – Using a castle as an analogy for the network: You’ve built a castle with really strong walls. – If nothing can breach the walls, then the squishy villagers, the rulers, and the royal jewels inside are safe and secure. This thinking follows the traditional 90’s style of network architecture, where the only route into the corporate network was through the border firewall, through the modem – the one hardline into the office.

 It happens all the time. A new penetration test work order comes into my inbox, and the customer is asking us to test only a handful of external IP addresses. A quick WHOIS request shows me that the customer owns an entire class C of public IP space, and that they didn’t even include their public webserver in the scope. In an ideal world, I’d get in touch with our Project Manager. We’d get in touch with the customer, and we talk about the scope, the customer would say it was a simple mistake, and give us a full list of IP addresses they control.

Adobe, MySpace, LinkedIn, and many other large organizations have had major password breaches in the last few years. Breaches where attackers have exfiltrated usernames, email addresses, passwords, and in some cases, plaintext password hints and other data from the company’s database. The initial response is always, "Log into that service, and change your password before the hackers get in and take over that account!" The sad truth is that it’s rarely that account that matters – it’s the other accounts where you (or your users) used the same password and email address that you’re (or they’re) already using on the compromised account with another service.

In March 2015, the PCI Council released their Information Supplement for Penetration Testing Guidance.  This is a fantastic move as previous guidelines were centered on the completion of penetration tests and left the methodology for completing those up to the auditor.  With this guidance in place, we now have a clear definition to what qualifies as a penetration test in the eyes of the Council.  There isn’t a need to rehash the document for you here, and I encourage everyone to read it.  I would like to focus on a few key highlights that I’m happy to see added.

In light of new PCI-DSS requirements stating that SSLv3 no longer meets the specification for “strong cryptography” prescribed by PCI standards, we wanted to give you a brief history of how the industry got here and why SSLv3 is no longer considered secure.