Posts
Network-Based Bit-Flipping Vulnerability Allows For Kernel-Level Access
It’s been three years since the introduction of rowhammer, a technique of bypassing memory isolation protection mechanisms to flip bits in memory. This attack occurs when a hacker gains code execution privileges on a local system and then rapidly writes and rewrites memory to force capacitor errors in DRAM. This corruption of memory contents can…
Spectre Returns
By now, most people have heard about Spectre, a security vulnerability present in just about all modern-day processors, namely AMD and Intel. If you wish to understand this vulnerability in more detail, you can do so at https://spectreattack.com/spectre.pdf. But these vulnerabilities have been fixed, right? Well, yes, there are indeed OS, browser, and firmware updates that…
Did You Know All 50 States Have Mandatory Security Breach Notification Laws?
Did you know all 50 states have mandatory security breach notification laws? Even beyond industry and federal regulations, companies need to be prepared to answer state-level entities if they’ve been breached. Thanks to the National Conference of State Legislators, we have a hyperlinked list of the breach notification laws by state: view here.
Cyberstone Helps Companies With GDPR Cybersecurity Requirements
GDPR compliance is a bear. Let’s face it. However, like anything else in life, if you whittle it down into more manageable chunks, it doesn’t have to be nearly as daunting. Cyberstone helps companies with the cybersecurity requirements under Article 32 which include: GDPR Requirement Cyberstone Service “ensure a level of security appropriate to the…
Three Critical Security Factors
At midnight on July 13th, one of the largest clinical labs in the United States, LabCorp, fell victim to a Samsam ransomware attack conducted via brute force RDP attack. Thanks to LabCorp’s Security Operations Center (SOC), a data breach was prevented, and the ransomware was contained within 50 minutes. LabCorp’s SOC immediately intervened, alerting Incident…
Are You Half Awake?
“Compared with what we ought to be, we are only half awake. We are making use of only a small part of our possible mental and physical resources.” The author of this quote is the founding father of modern psychology, William James. Cyberstone employees found the quote in Dale Carnegie’s transcendental book How to Win…
Homomorphic Encryption: Closing The Data-In-Use Security Gap
Over the last two decades, companies have protected data in transit with VPNs, HTTPS, and TLS. Those same companies have also protected data at rest with various file-level and whole-disk encryption technologies. For data in transit, your browser or VPN software contacts a web or VPN server, they negotiate a common set of capabilities such as…
A “Brave” New Approach To Browser Privacy And Possible Fix For Malvertising
Once in a while, a new technology built by the people, for the people emerges under the shadows of the tech giants. The technology we’re talking about today is a relatively new web browser called Brave. Its creator is none other than the inventor of JavaScript, Brendan Eich. Brendan is an Internet Hall of Famer,…
Blockchain, IoT, And How They Could Be Used In The Future Of Technology
Everybody knows about cryptocurrencies. It’s not news that hackers are trading stolen private information for Bitcoin. But what are we to make of the underlying technology that enables these transactions? Blockchain technology is at the heart of cryptocurrency but its application doesn’t stop there. Before we launch into how else blockchain can be used, here’s…
Department Of Justice Declares Arrests Associated With Phishing Schemes
On Monday, the Department of Justice issued a notice that 74 individuals have been arrested in connection with phishing schemes primarily aimed at intercepting and hijacking wire transfers. Of the 74 arrests, 42 were U.S. citizens, 29 from Nigeria, and 3 in Canada, Mauritius and Poland. The arrests also included the seizure of about $2.4…