View Post

Cybersecurity Knowledge Gap

In Uncategorized by Jeff Pelliccio

New reporting suggests the state of online security in the United States reveals a significant gap in cybersecurity knowledge and prevention and we as a nation are not taking appropriate steps in protecting ourselves from a growing number of cyber threats. Many consumers claim a lack of confidence with social media tracking and selling their personal data yet a staggering …

View Post

BleedingBit Exposes Bluetooth Vulnerability

In Uncategorized by Jeff Pelliccio

A new Bluetooth vulnerability ‘BleedingBit’ is causing trouble for Aruba, Cisco and Meraki Wi- Fi access point vendors using vulnerable Bluetooth Low Energy (BLE) IT chips made by Texas Instruments. The Vulnerability could allow hackers to control over a wireless network and this is bad news for the three leading access point vendors that make up just under 70% of …

View Post

Polarized America Invites Midterm Election Interference

In Uncategorized by Jeff Pelliccio

On October 7th 2016 the Office of the Director of National Intelligence (ODNI) and the Department of Homeland Security (DHS) jointly stated to the intelligence community that an attack occurred on March 19th, 2016 when an administrative assistant to John Podesta, Hillary Clinton’s then-campaign manager clicked a link to a credential harvesting site in a spear-phishing message that impersonated Gmail; …

View Post

Kaspersky Discovers Bad Rabbit

In Uncategorized by Jeff Pelliccio

In October 2017 researchers at Kaspersky discovered a piece of ransomware which they dubbed “Bad Rabbit”. The ransomware was discovered affecting users mostly in Russia, Ukraine, Turkey, and Germany. The ransomware was distributed via a drive-by-download while visiting a legitimate website with the help of a malware dropper. In summary, the malware is distributed when the user browses legitimate news …

View Post

Muddy Water Suspected For Espionage

In Uncategorized by Jeff Pelliccio

Muddy Water is a suspected Iranian advanced persistent threat group who targets primarily the Middle East and South East Asia for espionage purposes whose targets also include India, Pakistan and the United States. Over the last year the group has been quite active, however their tactics have not changed across their cyber campaign which allows us to track them effectively. …

View Post

0 Day Microsoft Windows Exploit

In Uncategorized by Jeff Pelliccio

Recently a security researcher, going by the handle of SandboxEscaper, released the source code for a 0 day affecting the Advanced Local Procedure Call (ALPC) function that allows a threat actor to gain Local Privilege Escalation (LPE) on the victim machine. This vulnerability affects Microsoft Windows 7 through 10. An overview of the source shows of the exploit shows that …

View Post

The Cybersecurity Initiative

In Uncategorized by Jeff Pelliccio

Winning the cybersecurity battle continues to be today’s most difficult technological challenge affecting everyone from large-scale corporate businesses to small entrepreneurial start-ups to even protecting our children online. Hackers and criminals don’t sleep. Maybe they work in shifts, either way, how can a typical nine to five, fill in the blank business, open Monday through Friday, expect to keep up …

View Post

Ticketmaster UK Breach Via JavaScript Chat App

In Uncategorized by Jeff Pelliccio

Whether you are online purchasing tickets for a high profile event or using a familiar mobile application of your favorite food vendor, cyberbreaches are hitting closer to home and are becoming a commonplace occurrence. Businesses, especially those who interface with consumers and other third parties, should be keeping a watchful eye on these global security breach headlines so to better understand and …

View Post

KillDisk Attacks SWIFT Bank Network

In Uncategorized by Jeff Pelliccio

The KillDisk wiper attack against Banco de Chile last month appears to be a larger ploy to compromise endpoint servers processing transactions on the SWIFT bank network (a vast messaging network used by financial institutions to send and receive money). Investigators surmise ten million dollars were stolen and funneled off to accounts in Hong Kong. The initial attack was carried out …