The US DoJ recently released guidance on running vulnerability disclosure programs (aka bug bounties). The document is nothing earth shattering, but does provide some free advice to organizations considering such programs. Rendition’s advice to organizations considering a bug bounty program? Think VERY carefully about how it will impact your monitoring and detection strategies. People looking […]
Archive | Uncategorized
Is Kaspersky “inappropriately removing” files?
UncategorizedIn a Reuters article yesterday, former FBI employees commented on the case investigating Kaspersky and reported a serious allegation against the Russian antivirus giant. According to the article: Two former employees and a person briefed on the FBI case told Reuters that Kaspersky software has at times inappropriately inspected and removed files from users’ machines […]
Rendition InfoSec Establishes New Headquarters In Augusta Georgia
UncategorizedNew office to enable network security industry leader to better serve growing client base in the region and capitalize on emerging global market opportunities. Augusta, Georgia – July 12, 2017 – Rendition Infosec, the nation’s leading provider of network security solutions and consultation, today announced the establishment of the company’s new corporate headquarters in Augusta, Georgia, […]
Why a Kaspersky code audit doesn’t really ensure security
UncategorizedWhile Rendition Infosec commends Eugene Kaspersky’s move of transparency for a code audit, this won’t really ensure security. Eugene Kaspersky has also offered to testify in front of Congress, but it seems doubtful that his testimony would sway many people on this. What about a code audit? And a code audit is not really the […]
The problems of PUA (Potentially Unwanted Alerts)
UncategorizedRecently we had a client call us about a problem on their network. Rendition Infosec runs a 24×7 security monitoring service and had a client call about an antivirus alert for PUA (potentially unwanted application). This class of alert is often difficult to tune out since attackers and administrators often use the same software tools. […]
Five Secret Tips For Incident Response Preparation – Rendition InfoSec Founder Jake Williams Presenting At Interop ITX 2017
UncategorizedAugusta, Georgia – May 10, 2017 – Rendition Infosec, the nation’s leading provider of information security solutions and consultation, today announced that company founder Jake Williams will be presenting at Interop ITX taking place at the MGM Grand in Las Vegas, Nevada May 15 – 19, 2017. As a major part of Interop’s Security Track, […]
Observations from the latest DOUBLEPULSAR scans
DOUBLEPULSAR Malware UncategorizedRendition Infosec completed a new scan overnight for DOUBLEPULSAR scans and the number of infections continues to rise, though only slightly. For liability reasons, Rendition is not performing the vulnerability scan to determine vulnerable hosts. Rendition only communicates with hosts to determine if DOUBLEPULSAR is present on a machine. At this time, Rendition is only scanning for the […]
DOUBLEPULSAR Infections On The Rise
DOUBLEPULSAR Shadow Brokers UncategorizedAs you have probably heard, a group known as the Shadow Brokers released a large cache of Windows tools and exploits. One of the exploits installs a kernel mode implant known as DOUBLEPULSAR. There have been several good articles written on DOUBLEPULSAR already, so I won’t detail repeat that work here. Several of the Windows […]
Business impact of Shadow Brokers release of Windows exploits
UncategorizedOn April 14, 2017 the Shadow Brokers released another cache of files. This cache of files apparently contains the Windows tools and exploits hinted at in the January 8, 2017 directory listing of files, very few of which were released. Early reports indicated that the Windows files contained multiple zero day exploits. However, this was […]
Implications of the SHA-1 collision
UncategorizedLast week, Rendition Infosec founder Jake Williams educated the community about the implications of the recent announcement that Google has created the first SHA-1 collision. After the announcement, many in the community blew the news completely out of proportion. Noting that there was more misinformation than correct information about the collision, Mr. Williams created a no-FUD […]