KALYPTO (IN)SECURITY

Research, demonstrations, and popcorn

Bricking the Apple Message App

There are three reasons an exploit may exist in code:  poorly written code, logic failure on the part of the developer, or in the case of this exploit, using something in a way that was never intended or tested.  Arguably, this last one may be considered part of the logic failure area, but I tend to keep it…


NetGear Vulnerability Expanded

A vulnerability was discovered in some NetGear routers that allows remote command execution by visiting a malicious site or a legitimate site that has malicious ads served to it via AdSense or any number of other ad services. The vulnerability allows execution of Linux commands by simply appending the command to a URL.  The commands execute with…


Help Save a Veteran’s Life

This week we lost another brave soul who stood up for his country.  Justin was a man that served his country with honor and always had the backs of his friends and family.  Unfortunately, the demons won.  Justin left behind a wife and daughter and I am sick of this happening.  There is more we can do. …


Security and Voting

The issues around voting are enormous.  I couldn’t even pretend to know them all or understand the full impact.  Especially without being able to examine the voting machines being utilized for this election.  That being said, there are some very minor changes that could be made in order to further secure the voting process and…


NSA CyberSprint Results

So, I put off writing this for personal reasons, but figure why not finally post it now.  I regularly try my hand at competitions related to hacking and Information Security in general.  I find they are a good way to see how you stack up against others and get an idea of where your weak…


The NSA and The Shadow Brokers

As most everyone is well aware, there has been a breach at the National Security Agency.  At some point, data and tools from some of the most protected areas of the NSA were stolen.  On Monday (2016-08-15), a sample of the data stolen, as well as details on an auction for the full data set, was…


Protesting Pro Tip

Pro Tip: If you are “protesting” by blocking traffic… you’re not protesting. You’re being an asshole and inconveniencing people. Protesting is done against the group you want to change. If you are protesting and inconveniencing people unrelated to the grievance you have, you are not protesting… you are trying to get on TV. You want…


Black Market SaaS

Black Market SaaS – The world of cybercrime changed

Historically, cybercriminals committed crimes in small groups or organized through larger groups like the mob. To use a botnet, it took some skilled people writing malware, infecting a ton of computers, and then using it to steal information or throw a server offline through a DDoS (distributed denial of service) attack. Today, this is changing. Today, someone…


Facebook Vulnerability… They ignored it until now.

Note:  I was not going to post on this originally since Facebook refused to fix the issue.  I like sharing things I find, but not if it is going to screw over a bunch of people.  However, others have now found the hole and are publicly demonstrating it. Back on May 7th my mother was trying…


The Florida Shooting and Impact

Today, June 12th, 2016, the United States was rocked by the largest mass shooting in our history.  The shooting took place at a club in Orlando, Florida.  At least 50 people were murdered and at least 53 more were injured.  The attacker told police during a call that he was working with ISIL. Over the…

