Your Appliances Are On The Attack


Friday, October 21st was a rough day for many on the internet. This was the day a massive DDoS attack took place against Dyn DNS; taking sites like Twitter, Amazon, New York Times, and many others off line.  With our favorite social media tools down OSINT was slim, so we had to find other ways […]

Spear phishing attacks breach Podesta, Powell, and the DNC


  Recent headlines have thrown social engineering tactics back into the spotlight and with the election, it’s no wonder that the candidates are the primary targets of attacks. In recent months Robert Podesta, Colin Powell and the Democratic National Convention have had emails dumped to WikiLeaks by persons unknown. While many of these are attributed […]

Hello Barbie. The doll that REALLY listens


It’s nothing new that when we’re on the Internet, somewhere, a small portion of our semi-personal or personal data is being cached. We’re a society used to being watched in some form or another while online. And sad to say, most people just accept this. However, what about when that steps over the line from […]

What comes after the huffing and puffing?


In the midst of all the recent articles about information breaches, a trend is emerging. We seem to be hearing more lately that prevention of breaches, while not to be ignored, should not be the sole focus of digital or physical security programs. More news articles, tweets from the infosec community, and even commercial products […]

Friends Don’t Send Friends Malware on Facebook


Yes, the kittens are cute and who wouldn’t want to see another photo of the latest celebrity embarrassing themselves? But can we all just agree that as cool as the latest trending video is on Facebook, it’s probably not worth getting infected over? We’re sure you’ve heard about the malware infecting 110,000 Facebook users. Yes, […]

What damage does social engineering really cause anyway?


Sometimes in the tech field, we can get so caught up in “what’s new” that we lose sight of the importance of “what’s practical.” The coolest new digital hacks are interesting but when it comes to information security, longevity and popularity of attacks relevant to your industry are what awareness campaigns are built on. The […]

Let’s Go Vishing


Vishing, or eliciting information over the phone, is a common social attack vector. It’s proven to be one of the most successful methods of gaining information needed to breach an organization, even when used by an inexperienced attacker. When you can’t hack your way through your pentest, when you can’t break in with your red-team, […]