Blog Articles

Hoarded NSA exploit is weaponized into ransomware worm, wreaks havoc across the globe

Under shadowy circumstances, a self-replicating virus with a ransomware payload wreaked havoc across the globe over the weekend. The virus, dubbed WannaCrypt or WCry, is based on what was believed to be a previously unknown exploit, or “zero-day,” code-name EternalBlue by the NSA. The actual operating code for EternalBlue was discovered on an NSA proxy server sometime in 2016 by the hacker group known as Shadow Brokers, and was dumped into public on the internet on April 14. Where things start to get shadowy is the fact that Microsoft released a patch for the EternalBlue exploit a month earlier, in ...
Read More

Did the Carolina Panthers’ Offense or Defense Get Them to Super Bowl 50?

Keep Pounding!! If you are a Carolina Panther football fan, you heard this phrase all the way to Super Bowl 50. Liken to most sports, “a great defense with a good offense will typically win the game.” When it comes to IT security, the same holds true. We’ve also heard “the best defense is a good offense.” This is rarely true. Take tennis for instance, if you are playing someone who has a great backhand and serve, but you defend all the player’s shots, chances are one of your returns will eventually score. The same holds true with football, basketball, ...
Read More

Patching the Holes

So what is patching, what gets patched and what difference does it make anyway??? Every computer has a compilation of software programs residing within, and those programs perform a myriad of functions. From the operating system right down to the Basic Input/Output System (BIOS) or the more current UEFI, all software needs to be potentially updated from time to time. The purpose of these patches is generally to improve the performance of the system – but in some cases, the patch is designed to fill a very specific hole. As you are aware, cyber-security is paramount due to the evil ...
Read More

4 out of 5 hackers: “I’m in and out within 12 hours…with your data”

The cyber security firm Nuix compiled a recent report, ironically called the Black Report, based on interviews with active so-called “White Hat” hackers. White Hat is used here in the context of someone that’s doing ethical work at the invitation of their client to break into a network and then show how they did it (and return the data). This makes them different from “Black Hats” because those people are willing to bend or break some rules (and laws) for a wide variety of reasons. Those reasons can include political, monetary, internet gangsta cred, or just trolling for lulz ...
Read More