Author: Walker Rowe

By: Walker Rowe, June 02, 2017 (06:10 AM)

Jupyter and Zeppelin: The Most Dangerous Web Interfaces

Data scientists and big data programmers are familiar with Jupyter (formerly iPython) and Zeppelin. These are excellent programming tools because you can write code in a wide variety of languages and execute it right on a web page. They also connect easily to Spark and Hadoop environments. But fro...

By: Walker Rowe, June 02, 2017 (05:59 AM)

OKTA and SAML Security Critical Vulnerability

Okta says they have updated the Okta SAML Toolkit for Java to fix what they call a critical vulnerability. But they do not give any technical details, saying, “Okta maintains a responsible disclosure policy, and as such, will only divulge specific details about this vulnerability...

By: Walker Rowe, May 05, 2017 (08:04 AM)

Gmail Hacked? Not Exactly

Google sent out a tweet yesterday saying that millions of its users have been tricked by a phishing email campaign into giving a third-party app access to the user’s Google data. The phishing campaign is spread using a screen that looks like a request to share a Google document, like shown belo...

By: Walker Rowe, May 01, 2017 (09:27 AM)

Domain Shadowing

Domain shadowing is when a hacker gets access to your domain registration account, like at GoDaddy, and creates subdomains under your domain. For example has and other subdomains. kdp would be considered a shadow if Amazon does not know that that domain has been create...

By: Walker Rowe, May 01, 2017 (09:21 AM)

Wikileaks Marble Framework CIA String Obfuscator Code Explained

WikiLeaks has just published the third batch of CIA documents. While they say this is source code, it is not the actual spyware that we have been waiting for. Instead this is code the CIA uses to obfuscate their programs so they cannot be traced back to the CIA. So it’s just one piece of the large...

By: Walker Rowe, April 24, 2017 (09:45 AM)

Using Threat Intelligence Feeds and Machine Learning to Flag Malicious Traffic

Threat intelligence feeds are data gathered from attacks around the world and either sold or given away for free. The idea is to take logs from your firewalls and then match those with the list of blacklisted IP addresses, domains, the email address of who registered a domain, etc. to determine what ...

By: Walker Rowe, April 17, 2017 (09:25 AM)

Looks Like The NSA Owns SWIFT

The anonymous leaker or leakers, Shadowbrokers, has dumped 300 MB of NSA source code and documentation onto the internet and published it at GitHub. This is a large haul of zero-day exploits placed there with no advance ...

By: Walker Rowe, April 05, 2017 (08:31 AM)

Using ElasticSearch for CyberSecurity

ELK (ElasticSearch, LogStash, and Kibana) is the most popular log processing tool and certainly the easiest to set up. They scale linearly and can automatically parse multiple file formats, thus saving you the time of writing some complex regular expression. There are 120 parsers, which can be found...

By: Walker Rowe, April 03, 2017 (06:17 AM)

Securing Big Data Databases

Last year tens of thousands of MongoDB databases were emptied and left with nothing but a ransom note. These were configured with public IP addresses and no authentication. Hackers were able to find them easily using

Turkish Hackers say they can Hack 250 Million iCloud Accounts

The actress Jennifer Lawrence had her nude photos published on the internet when hackers guessed the challenge response questions to her iCloud account. There are two lessons here: (1) don’t take photos of yourself in the nude and (2) always use two-factor authentication. (TFA only works on iOS 9 ...
