KALYPTO (IN)SECURITY

Research, demonstrations, and popcorn

The NSA and The Shadow Brokers

As most everyone is well aware, there has been a breach at the National Security Agency.  At some point, data and tools from some of the most protected areas of the NSA were stolen.  On Monday (2016-08-15), a sample of the data stolen, as well as details on an auction for the full data set, was…

Continue Reading

Vulnerability Found: Russian District of Tambov Government Site

The Russian District of Tambov’s government run website is vulnerable to a PostgreSQL injection.  The site is not fixed as I have tried sending several notices to the site owners, but every email I have sent bounced back and every “Contact Us” form I have submitted timed out without sending. As per usual, the actual…

Continue Reading

Regarding the Sony Hack…

Okay, I have to be careful how I write this and how much to say.  I don’t mean to make that sound exaggeratedly clandestine, but by the very nature of information security, it makes sense not to disclose everything that is not public already. But… let’s get this show on the road. Sony was not…

Continue Reading

Vulnerability Found: Radixx International

The information I release for this vulnerability will be limited since the issue has not been patched.  I contacted Radixx twice over a month ago requesting someone get in touch with me so I can discuss the vulnerability with them, but they have not responded so far. Vulnerability Type: Unsecured Access Implications:  Unauthorized access to…

Continue Reading