Welcome to Delicate template
Header
Just another WordPress site
Header

In light of the recent Target event, there has been an uptick in activity around malware that specifically targets Point of Sale systems. The most common ones that seem to be referenced are the following:

BlackPOS: Affects Windows-based Point of Sale systems. The attack essentially sits in between the card reader and the POS application. Track data (data that can be used to replicate a physical credit card) is extracted and uploaded to a remote server via FTP.Read more

Jerald Dawkins

Jerald Dawkins

Dr. Jerald Dawkins is the CEO and Founder of TRUE and has extensive experience in regulatory compliance, technical risk assessments, penetration testing, web application vulnerability analysis and secure coding. Dr. Dawkins is the author of numerous publications and presents at national and international conferences. He holds the following certifications: U.S. Goverment Secret Clearance, CISSP, QSA, NSA IAM, and CNSS 4011-4015.

More Posts

If you haven’t heard about it by now, let me clue you in: Java is a security nightmare. A few days ago, a zero-day exploit for Java 7 became widely-known. The exploit bypasses Java 7′s security sandbox and permits attackers to download and execute code without user interaction. The attack is already available in Metasploit and in the Blackhole Exploit Kit (BEK). Since it’s in BEK, users are now susceptible to this attack via so-called “drive-by” web hacks. All a user has to do is get unlucky and visit a compromised site (and there are a TON of compromised WordPress sites out there) and their machine is compromised.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the former Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

More Posts - Twitter

On Stuxnet Adaptation

March 21st, 2012 | Posted by Andrew Ridings in Malware | Terrorism - (0 Comments)

With the recent focus on Stuxnet due to the CBS 60 Minutes Special: Stuxnet: Computer worm opens new era of warfare and the 60 Minutes Overtime special Stuxnet copycats: Let the hacking begin, aired earlier this month, I was reminded of the extent our nation’s critical infrastructure is at risk from cyber attack.Read more

Andrew Ridings

Andrew Ridings

Andrew Ridings is a Security Analyst at True Digital Security with a passion for penetration testing and social engineering. Andrew received his Bachelors of Science in Information Assurance and Forensics at Oklahoma State University and holds CNSS 4011 certification.

More Posts

Well, that didn’t take long. As of Thursday, an MS12-020 PoC (the Remote Desktop Protocol vulnerability) is in the wild. Looks like one of Microsoft’s MAPP partners leaked some test code. This PoC code only causes a Blue-Screen-of-Death, so the damage is limited to a denial-of-service. It won’t be long until the bad guys figure out which values they need to modify to achieve remote code execution. When that happens and you still have RDP open to the Internet and unpatched, you lose. I suspect we’ll see a worm exploiting this within a week. This could end up being a SQL Slammer-type event…

Brett Edgar

Brett Edgar

Brett is a Founder and the former Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

More Posts - Twitter

Over the past month, TRUE NSM analysts have observed a significant increase in the number of corporate web users being attacked by the Blackhole Exploit Kit.  The rate of incidents reported involving this malware is now close to two per day.  The Blackhole exploit kit targets vulnerabilities in out-of-date Java and Adobe Reader software.  A cursory examination of a few of the deobfuscated Javascript files delivered to users by Blackhole also shows evidence that Adobe Flash is being targeted and perhaps even a few Microsoft vulnerabilities by way of the Windows Media Player ActiveX control.Read more

Brett Edgar

Brett Edgar

Brett is a Founder and the former Director of Managed Security Services at TRUE. He has been working in the system and network forensics field since graduating from the University of Tulsa with a B.S. Computer Science in 2003. He speaks hexadecimal fluently and is TRUE's resident human Ethernet transceiver. He holds CISSP, CSSLP, and CNSS 4011-4015 certificates, loves MLB and NCAA Football, and when he gets tired of hexadecimal, he goes home to hang out with his wife and kid.

More Posts - Twitter