CRASHOVERRIDE guidance from NCCIC is confusing at best

After reviewing the awesome Dragos Inc report on CRASHOVERRIDE, Rendition analysts received a similar alert from US Cert and NCCIC.  After reviewing the guidance from NCCIC, we were less than thrilled.  The second recommendation from NCCIC (take measures to avoid watering hole attacks) is impossible by its very definition.  A watering hole attack first compromises […]

CONTINUE READING →
WanaCrypt0r malware webcast and slides

Last night, I ran a special webcast for the SANS Institute on the outbreak of the WanaCrypt0r malware.  One thing I love about SANS is that we always look out for our students.  If huge security news breaks during the day at one of our major conferences, we designate an instructor to do impromptu night sessions. […]

CONTINUE READING →
Call to Microsoft to release information about MS17-010

After delaying the release of Windows updates, Microsoft mysteriously released a patch for a group of vulnerabilities addressed by MS17-010 after canceling Patch Tuesday in February.  This patch was released immediately before the release of a set of Windows exploits by the Shadow Brokers hacking group.  Although Shadow Brokers purports to have stolen these exploits […]

CONTINUE READING →
Corporate Business Impact of Newest Shadow Brokers Dump

Yesterday, the Shadow Brokers released the password for the encrypted zip file they seeded last year (link). This release gives threat intelligence teams unprecedented insight into the capabilities of the Equation Group Hackers.  The dump appears to contain only Linux and Unix tools and exploits, so organizations running only Windows don’t need to react to […]

CONTINUE READING →
In Your Face – Securing Digital Displays

On Monday, a large publicly visible art exhibit in Spain that normally shows projections of modern art displayed pornography for 45 minutes.  Per this story (in Spanish), the taxi drivers who viewed the porn while waiting for riders at a nearby train station were thrilled (pun definitely intended), but most people were understandably not happy.  The […]

CONTINUE READING →
RECENT POSTS

Stay Connected

Want to stay up to date on the latest Rendition and cybersecurity news? Sign up for our newsletter! We'll never sell or give away your information.

    Privacy Policy | Terms of Service | Contact Us
    © 2022 Rendition Infosec. All rights reserved. View Rendition Infosec LLC profile on Ariba Discovery
    Your cart
    subtotal:
    $0.00

    This will be copy area - something to the effect of estimated ship time if applicable

    checkout

    CONFIDENTIAL

    Rendition's advanced courses contain the latest in information security knowledge. Please contact us for more information.

    This page has proprietary information in it, please contact us for more information.