KALYPTO (IN)SECURITY

Research, demonstrations, and popcorn

Do your MongoDB admins know what they are doing?

Note:  This was originally posted to LinkedIn, but I have moved it over here to go along with the update I posted about the explosion of malicious ransom demands. MongoDB by default does not have very good security configured out of the box. Unfortunately, the technology is new enough and different enough that people tend…

MongoDB Ransomware Explosion

Recently I posted an article on LinkedIn about MongoDB security… well, it turns out that this has exploded into a big issue.  Over the last two weeks malicious hackers have been going crazy with extortion schemes.  Hackers are connecting to unsecured MongoDB instances, encrypting the data and then demanding payment before they will release the…

Bricking the Apple Message App

There are three reasons an exploit may exist in code:  poorly written code, logic failure on the part of the developer, or in the case of this exploit, using something in a way that was never intended or tested.  Arguably, this last one may be considered part of the logic failure area, but I tend to keep it…

NetGear Vulnerability Expanded

A vulnerability was discovered in some NetGear routers that allows remote command execution by visiting a malicious site or a legitimate site that has malicious ads served to it via AdSense or any number of other ad services. The vulnerability allows execution of Linux commands by simply appending the command to a URL.  The commands execute with…

Security and Voting

The issues around voting are enormous.  I couldn’t even pretend to know them all or understand the full impact.  Especially without being able to examine the voting machines being utilized for this election.  That being said, there are some very minor changes that could be made in order to further secure the voting process and…

The NSA and The Shadow Brokers

As most everyone is well aware, there has been a breach at the National Security Agency.  At some point, data and tools from some of the most protected areas of the NSA were stolen.  On Monday (2016-08-15), a sample of the data stolen, as well as details on an auction for the full data set, was…

Black Market SaaS

Black Market SaaS – The world of cybercrime changed

Historically, cybercriminals committed crimes in small groups or organized through larger groups like the mob. To use a botnet, it took some skilled people writing malware, infecting a ton of computers, and then using it to steal information or throw a server offline through a DDoS (distributed denial of service) attack. Today, this is changing. Today, someone…

Update on Buffalo Wild Wings

Note: Just in case they get an attitude, the image above is satirical and in no way represents the views, ideas, or promotion of my blog by the Buffalo Wild Wings company.  Well… someone else will have to let me know if they ever fix the security hole in their wifi/kiosks.  Buffalo Wild Wings officially…

Finding an IP Behind a Reverse Proxy: How to look like a fool and influence people…

I have posted before about checking a specific IP for a website.  I wanted to go a little more into detail on how to use it and how to know when you are getting a false positive. There are a few ways you can query a specific IP for a website.  You can use DNS…

Paris, ISIL, and Anonymous

On Friday a group of radical Islamists attacked Paris.  This was a very low-tech, high-coordination attack.  The group attacked six locations simultaneously and killed over 120 people.  I can’t give an exact number because everywhere you look, you will see different numbers.  You will also see those numbers increase as some of the critical condition…
