The Importance of Data Security and Insider Threat Programs in Mergers and Acquisitions

Mergers and acquisitions have become an important part of many organizations’ growth strategy. In most large transactions, countless hours are spent on due diligence, whether that due diligence is related to the financial health of the company, compliance with applicable regulations, or a variety of risk factors. Refreshingly, cybersecurity has emerged as a risk factor that is getting significant attention as part of the due diligence process. However, there is…

Why Identifying and Protecting Critical Information Assets Should be a Foundational Element of your Security Program

The digital world has become a scary place, one which many people fear, and one in which few organizations feel they are adequately protected. Every day, there is more news about breaches, new threats, zero day attacks, adversarial groups, and a barrage of new technologies that claim to solve all of these problems. Some of the technologies are very good, logical extensions to the security platforms we already have in…

Addressing the IT Skills Gap Part 1: Understanding the Current State

By Jeremy Wittkop, InteliSecure CTO People, process, and technology. Where do we turn when it is the people side of the equation we most need to address? An increasing number of organizations are asking this question as the shortage of cybersecurity talent continues to become more dire. There are more threats evolving every day and it seems there are legions of cyberattackers ranging from divisions of cyber militaries on the…

SNMPPLUX

InteliSecure continually develops new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providing SNMPv1 and v2c community dictionary attacks is will also provide username and password dictionary attacks…

Finding and Exploiting Same Origin Method Execution vulnerabilities

Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to visiting a malicious web-page which…

[IRCCloud] History and Another XSS Bug Bounty

Personally, I have been a user of IRC since 2004 on some private networks and some other well-known ones such as Freenode. However, it was always inconvenient to have to set up an IRC Bouncer, so when IRCCloud came around, I was excited to try it and see if it provided me with a method of staying connected to all the required networks without having to download a new client…

[IRCCloud] Inadequate input validation on API endpoint leading to self denial of service and increased system load

So as you do, I was just looking around, manually fuzzing some Web Sockets requests, seeing if I could get any sort of XSS, Remote IRC Command Injection or SQLi mainly – ended up that I didn’t find much there that worse worth noting. So I started seeing if their logic was all alright, so one of their requests looked similar to: {“_reqid”:1234, “cid”:5678, “to”: “#treehouse”, “msg”:”test”, “method”:”say”} I thought,…

Most businesses do not understand data breach risks

Research by HP has uncovered a lack of understanding among businesses of the risks associated with data breaches. More than 70% of US and UK executives surveyed by the Ponemon Institute said that their organisation does not understand fully the dangers of breaches, while less than half of top executives and board members are kept informed about the response process. The 2014 Executive Breach Preparedness Research Report was designed to…

Research Reveals Cost of Online Fraud to UK

This week has been Get Safe Online Week and to coincide with the event, the National Fraud Intelligence Bureau researched cyber-crime in the UK. The research found that over the last year, the ten biggest online scams cost victims over £670m – although the actual figure is thought to be significantly higher than that due to unreported crimes. A separate poll found that while over half of Britons have been…

Kmart hit by card hack attack

It’s been revealed that a data breach at US retail chain Kmart that compromised card details lasted over a month. The discount department store said that the malware was discovered last week but had been operating since early September. Based on its investigation so far, the company said that it believes credit and debit cards were exposed but that no personal information, PIN numbers, email addresses or social security numbers…