Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

Hurricane Labs Beacon Podcast Episode Number: .026 – Con Air Edition Hosts: Matt Yonchak (@mattyonchak), Patrick Sayler (@psayler), Steve McMaster (@iamthemcmaster), Tom Kopchak Security Jargon Decoded - Common security terms explained - Goat machine? Really? Buying Facebook Likes - Purchases groups of fake profiles - The more people liking a page, the more reputable it seems Blog Why Wall Street Hates Open Source The shift to IT utility: It’s not about the cloud Beacon Chrome Surpasses IE Marketshare NY Considering Ban on Anonymous Comments Online Google Autonomous Cars Approved for California Google Purchases Motorola Mobility Rant More Firewall Outrage Hack of the Week Yahoo! Axis App of the Week AppleTV iOS5 Tetherless Jailbreak ... (more)

Encrypt My Information, Please

By: Leigh Goldie For the last few months, security breaches have been on the rise (or let’s just say have been receiving more news coverage). We have seen countless stories of large, popular websites being compromised by unknown, or later identified, hackers. The quest, it seems, is to determine how easy it is to access the personal information of customers from any popular company. The hackers are proud of their accomplishments, as they have gained access to tens of millions of users account information. But it seems they have a message for corporations – encrypt your customers... (more)

Network Access Control (from the hacker, not the vendor)

Last week was the Information Security Summit at Tri-C Corporate College East. It was my first time at the Summit, so I went in looking to learn something new. Looking over the 'pre-con' training that they had to offer, I noticed an inexpensive course on NAC (Network Access Control). This was of relevant interest to me because of the fact not long ago one of my tasks as a penetration tester was to break into a NAC "secured" network. What me and my fellow tester found was a mis-configured, hard to understand and easy to subvert device that wouldn't have caught us if we walked in w... (more)

Where Security and Current Events Meet

Yesterday we started getting floods of malware alerts for machines on many different networks that we manage going out to a site that was identified a while ago for MS08-067 type activity. So we did our due diligence and notified our clients that we were seeing this traffic attempting to leave their network. As of now the alerts are still coming in. If you've watched the news at all over the past couple of days you've heard about the events in Austin, TX involving a plane being intentionally flown into an IRS building there. Thankfully only the pilot was killed and our thoughts g... (more)

Nothing New Under the Sun

I recently wrote a couple of to-be-published articles basically laying out all the reasons why we as security professionals should not be running away from so-called "new" technology. Essentially I am asking that we take the time to really understand what's so new about this stuff. SmartPhones, the "cloud", etc these are all repackaged versions of old technology. We're terrified of them because we think we don't understand them. The sad part is, we don't. We seem to be under the impression that all new technology is bad and inherently insecure, it isn't. It's not any more insecu... (more)