Datenverstoß in der Sandbox

Die letzten Tage waren gelinde gesagt interessant, der Bundestag wurde wieder einmal gehackt und niemand weiß mehr als vorher. Mit all den fake News und Berichten ist es sehr schwer zu unterscheiden, was an diesem neuen Verstoß real ist und was nicht, oder ob es wirklich ein neuer Verstoß war. Was wir beobachten, ähnelt einer […]

Data Breach in the Sandbox

The last few days have been interesting to say the least, the Bundestag got hacked once again and no one is the wiser. With all the “fake” news and reports its very hard to distinguish what is and isn’t real about this new breach or even if it was really a new breach. What we […]

Docker Bug: Firewall workaround…

Published December 2018 We wanted to put out a Bug Info for newer Docker installations that interact with MongoDB. Due to changes in how Docker does its routing it and in some cases ignores IPChains and Firewall settings in certain situations that leads to your MongoDB schema and data being accessible with a MongoDB client […]

Lojax and OPERATION KRAKEN

Published October, 2018 What’s really going on? If you are reading this, you no doubt have read most of the alerts on LoJax the latest fun tool deployed by our friends from OPERATION KRAKEN or one of its groups APT 28. Since 2015 we have been tracking various types of APTs and Nation-State based technology […]

Operation KRAKEN

Article date: September 2018 ~ See also: “Operation KRAKEN strikes again” -published 4th of January 2019 The entire world is facing one of the most comprehensive espionage and disruption campaigns in its history. Throughout our research we always found separate attacks that really had us scratching our heads because we saw so many different types […]

Operation: POWERMONGER

Article from March 2018 If you have been following this site and the private one previously you will remember the talks and posts about how easy it is to hack voting machines and also the corrilation to voter databases that where out there on the darkweb. Many folks that where “supposed” analysts claimed I didn’t know […]

Operation IHAZCOINS – Mining Bots and Crypto Wild West

Article from March 2018 Operation IHAZCOINS the new “Cyber” Espionage and Warfare Use-Case! Back in December 2017 I was asked for my predictions of what are going to be the biggest new risks / threats. One of the topics I talked about was Cyber Currency and the fact that mining rigs are low hanging fruits for […]

SpamBotGate / Trent Hunt And all That Jazz

Article from September 2017 Hello Boys and Girls, its been some time since the last post and I thought I would give everyone that reads my ramblings a freebie. As you already know we look for interesting stuff and offer reporting for our customers. Many folks claim to be in the know and sell lots […]

@ssH@t – Purging the Interwebz of Phish-Vertising

Article from August 2017 So its been a while since the last post and much has happened, besides the fact that some $Random group as seen fit to install a FinFisher similar “Stealth” interceptor on my Applz Pwn and likely taken snapshots of my awesome body (yeah that’ll break the Internet for sure…).. Anyway moving […]

The DarkSide of D3fC0n

Article from August 2017 It was an interesting week at Defcon last Thursday to Sunday. During that week we also had Blackhat and BSidesLV and all these events want pass on information to a diverse community of security and IT folks that are mixed up and come from different countries, ethnicities and also genders. In […]