CP Sharp

04/25/2018

RTL-SDR brought cheap and ubiquitous Software Defined Radio (SDR) to the masses, opening up whole swaths of the RF spectrum which were simply unavailable to the average hacker previously. Because t…

09/19/2017

CISCO's Intelligence Group Reporting two million potentially infected as CCleanup update servers used to package malware with product.

This could eclipse the Equifax hack.

From the Report:
"By exploiting the trust relationship between software vendors and the users of their software, attackers can benefit from users' inherent trust in the files and web servers used to distribute updates. In many organizations data received from commonly software vendors rarely receives the same level of scrutiny as that which is applied to what is perceived as untrusted sources. Attackers have shown that they are willing to leverage this trust to distribute malware while remaining undetected."

A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

05/18/2017

, not to discount the pain it's caused its victims, is akin to finding a single dead cockroach in your kitchen cupboard. A more commonly used term is "tip of the iceberg." Several variants of the malware (AdylkuzzAttack, anyone?) have already been discovered in the wild.

, the group behind the original NSA leak, announced yesterday that they've got a lot more content coming in the months ahead.

I've never been a tinfoil-hat wearing fearmonger, but was a dated vulnerability. There's a tsunami of newer exploit material that's publicly available and could be used in a similar capacity, and we haven't seen it put to use.

Oh, and remember those guys behind the Bangladesh SWIFT hack and the Sony Pictures P.R. disaster? That's the .

Where did come from? Guess who.

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

05/17/2017

A clever look at how it's possible to, yes, steal passwords from logged in Windows users via web browsers. Even Chome, the browser best known for it's attention to security. Worth a read.

Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usu

03/07/2017

Wikileaks begins "largest ever" publication of classified documents from the CIA. Nicknamed "Vault 7," the documents reveal, with great precision, just how vulnerable modern devices have made anyone using them critically vulnerable to cyber warfare. Weaponized smart-things are now really a thing. Nightmares are coming true- from TV's that watch you (https://wikileaks.org/ciav7p1/cms/page_13762690.html) to remote-control-for-murder vehicles (https://wikileaks.org/ciav7p1/cms/page_13763790.html). We're no longer living in a world where naivety about the inter-connectivity of devices can be tolerated.

https://wikileaks.org/ciav7p1/

02/24/2017

Retweeted Tripwire, Inc. ():

CloudFlare Patched Parser Bug that Leaked Private Information https://t.co/4DLfvWToHh via

CloudFlare has patched an issue in its HTML parser chain that caused a buffer overflow and returned memory containing private information.

02/23/2017

Google and CWI researchers have achieved first-ever successful practical collision attack on SHA-1 Hashing Algorithm

01/15/2017

The self-driving car, a testament to the amazing era of inter-connected devices in which we live, is now a reality for many. As automakers scramble to keep up with Tesla, we expect to see widespread adoption of this feature, at great benefit to the public, personal and business use alike.

The cost? As with all new technology, local and state governments struggle to understand and regulate the software that controls these vehicles, exposing consumers to potentially life-threatening vulnerabilities as evidenced by the enterprising team at Keen Security Lab.

Leverage CP Sharp's

01/04/2017

MongoDB under attack- and what you can do to fortify your systems.

Hackers Holding Unsecured MongoDB Databases for Ransom

01/04/2017

We've seen the first major signs this year of the serious cyber threats facing our citizens. Finally, politicians and otherwise disinterested parties have begun to change their collective agendas.

The amount of control our devices possess, the data they contain and analyze, and the damage they can do in the hands of the unwieldy is staggering.

More so, the ease of which this can be done, with the right expertise.

Don't wait until it's too late- make sure your business is safe!
Contact CP Sharp for a free consultation- help us help you keep you important data safe!

This year was a busy one for security and hackers. We expect more of the same in 2017, with a few new twists.

11/24/2016

Happy Thanksgiving! https://t.co/gqsm2TFdi1 https://t.co/AnU4YltARx

Get the whole picture - and other photos from CP Sharp

11/24/2016

CP Sharp wishes our partners, clients, and friends a very happy and delightful Thanksgiving! "It is when we stop thinking about what we don't have, or what we lack, and become grateful for who we are that we can gain access to true unlimited inspiration." Frank Arrigazzi

http://www.cpsharp.net/happy-thanksgiving/