KALYPTO (IN)SECURITY

Research, demonstrations, and popcorn

Pi – 3/14 @ 1:59:26 AM

Pi is a number that has enamored people for hundreds of years.  While it is much older and was known far longer, it recently (within the last 250-ish years) became super popular.  Here are some facts to think about on Pi Day: Pi as a calculation has been known for over four thousand years. Babylonians and…

Vault 7: An attack on The United States of America

On Tuesday March 7th, 2016, WikiLeaks posted a trove of stolen files and data sourced from inside the Central Intelligence Agency.  This information was posted to the WikiLeaks website with a press release claiming the need for transparency to protect users.  This is just the first release in a long line they have set up for…

Arris Modem Vulnerability – Updated 3/14

Arris is one of the single largest providers of cable internet modems in the United States and around the world.  I was playing around with this a bit tonight while bored and came up with a simple way to cause someone to reboot their modem just by visiting a page. The controls for configuration changes on Arris modems…

Let’s get some self-respect back

I see a lot of arguments between people who have no clue about the truth behind the topics and points being argued. I miss the old days of the internet being solely for cat videos and pictures of what people ate for dinner. I always thought that was stupid… but it sure beat watching people…

How to enable Authentication on your MongoDB instance

This is a quick post on enabling authentication on your MongoDB instance, but the first thing you should do is bring the MongoDB inside your network if possible.  If it is not exposed externally, there is a far lower chance of intrusion. The second thing is to create an administrator account that will be used for…

MRIT – MongoDB Ransom Investigation Tool released on GitHub

I have written a simple multithreaded application used to Shodan exports for open MongoDB instances and report on ransom demands.  This tool is on GitHub and is released for free use.  The only caveat is that you may not modify it to cause harm. I will keep the list of known ransom demand schemas updated as I…

STOP AND GO SECURE YOUR DATA… NOW!

After doing some research into MongoDB for the company I currently work for, I started looking around at some servers online.  What I found was amazing.  Database servers almost never need to be exposed on the perimeter of a network, but there are thousands upon thousands out there exposed.  I have seen excuses ranging from “We have our…

Do your MongoDB admins know what they are doing?

Note:  This was originally posted to LinkedIn, but I have moved it over here to go along with the update I posted about the explosion of malicious ransom demands. MongoDB by default does not have very good security configured out of the box. Unfortunately, the technology is new enough and different enough that people tend…

MongoDB Ransomware Explosion

Recently I posted an article on LinkedIn about MongoDB security… well, it turns out that this has exploded into a big issue.  Over the last two weeks malicious hackers have been going crazy with extortion schemes.  Hackers are connecting to unsecured MongoDB instances, encrypting the data and then demanding payment before they will release the…

Have a Happy New Year and Don’t Drive Drunk

I would like to wish everyone a happy and safe New Year’s Eve.  I hope you all get to go out and spend time with family and friends to ring in the new year with cheer.  After the year we have had, we can all only hope that 2017 turns out better than 2016.  I have…
