All Posts

4 min Public Policy

Rapid7, Bugcrowd, and HackerOne file pro-researcher comments on DMCA Sec. 1201

On Mar. 3rd, Rapid7, Bugcrowd, and HackerOne submitted joint comments to the Copyright Office urging them to provide additional protections for security researchers. The Copyright Office requested public input as part of a study on Section 1201 of the Digital Millennium Copyright Act (DMCA). Our comments to the Copyright Office focused on reforming

5 min IT Ops

Brics Vs RE2/J

By Benoit Gaudin and Mark Lacomber Regular Expressions When it comes to searching unstructured data, regular expressions are a very useful and powerful tool. The power provided by popular regular expression libraries does come with a significant performance cost in some cases though, both when compiling regular expressions into automata (state explosion problem when determinising automata) and when using these automata to match input. These constraints are usually acceptable for individuals ne

3 min Release Notes

Weekly Metasploit Wrapup: March 14, 2016

Scanning for the Fortinet backdoor with Metasploit Written by wvu Metasploit now implements a scanner for the Fortinet backdoor. Curious to see how to use it? Check this out! wvu@kharak:~/metasploit-framework:master$ ./msfconsole -qL msf > use auxiliary/scanner/ssh/fortinet_backdoor msf auxiliary(fortinet_backdoor) > set rhosts 417.216.55.0/24 rhosts => 417.216.55.0/24 msf auxiliary(fortinet_backdoor) > set threads 100 threads => 100 msf auxiliary(fortinet_backdoor) > run

5 min IT Ops

A point of @Contention- cache coherence on the JVM

Java 8’s major changes (lexical closures, the stream API, etc.) have overshadowed a slew of little gems, one of which I only discovered the other day: the @Contended annotation. False Sharing Chances are you’re reading this on a device with more than one CPU. There’s therefore also quite a good chance that you have more than one thread of execution running at the exact same time. There’s an equally good chance that some of your fancy multiprocessor CPU’s on-die memory (aka L2/3 cache) is share

3 min

Atomic Design @ Rapid7

Device-Level Design Should Not Be A Thing Large monitors, small monitors, laptops, tablets, smartphones, smartwatches, toasters, refrigerators…where will it end? Nowadays, application designers need to consider a plethora of devices as they design. While we are not considering designing Nexpose and InsightIDR for your toaster, maybe one day we will! Although Brad Frost tells the world of design that device-level design is an outdated concept. That's news to our ears! Let's look at this more c

3 min Threat Intel

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 3

This is the third post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. Here are Part 1 and Part 2. Intelligence Analysis in Security Operations In the first two parts of this series we talked about frameworks for understanding and approaching intelligenc

5 min Threat Intel

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 2

This is the second post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. Read Part One here. Tinker, Tailor, Soldier, Spy: Utilizing Multiple Types of Intelligence Just as there are different operational levels of intelligence—discussed in detail in the first post

4 min IT Ops

Deciphering MySQL Logs: The What, Why, and How

Logs are one of the best ways to understand what a server is doing. Thankfully, MySQL has no shortage of log activity to assist a DBA in its maintenance. It writes out its activity to 5 different logs. This post will take a look at the existing MySQL logs and how they assist the administrator. On Windows, the log is written to the data directory with a .err extension even if not explicitly enabled, and errors are automatically written to the Event Log. This behavior is standard and

4 min Threat Intel

Threat Intelligence Foundations: Crawl, Walk, Analyze - Part 1

This is the first post in a three-part series on threat intelligence foundations, discussing the fundamentals of how threat intelligence can be used in security operations. There is a consensus among many in threat intelligence that the way the community has approached threat intelligence in the past, i.e., the “Threat Data → SIEM → Magical Security Rainbows” approach, has left something to be desired, and that something is usu

5 min IT Ops

The Role of Log Files in Experiments

You have heard, no doubt, of the Lean Startup. If you need a refresher to place the name, it’s a book, but it’s also a business trend with such momentum as to have a website advertising it as a “movement.” And, frankly, that advertisement is hardly a stretch. The title and the terms coined in it are on everyone’s lips in the tech industry these days because people at companies of all s

3 min InsightIDR

Launching InsightIDR: From compromise to containment, FAST.

We just launched InsightIDR, the only fully integrated detection and investigation solution that lets you identify a compromise as it occurs and complete an investigation before things get out of control. InsightIDR does three things well: detect attacks with high fidelity, accelerate investigations, and end the drudgery of security data management. I'd like to take a minute to share how we got here and why we're so excited to show you InsightIDR. Cutting through the Noise to Detect Attacks

5 min IT Ops

TypeScript Language Primer

What is TypeScript? TypeScript is an open source typed superset of JavaScript which compiles to plain JavaScript. Many people have considered JavaScript’s loose typing as a problem, but now TypeScript offers a solution to that. Specifically, TypeScript allows you to code with decorators/annotations, classes, interfaces, private properties and typing compliance. We also might say that TypeScript is ES6 with some extra options. What does TypeScript do?

6 min IoT

Smile! You're on Candid APT

Recently IP camera hacking has taken front stage in the news. Actually, hacking IP cameras is not all that new—it's been around for a number of years—but historically the focus has been related to gaining access to just the video portion of the camera. But with IP cameras being one of the many IoT technologies out there often found to be improperly secured, I figured it was time to look

8 min IT Ops

IOT made real - Using TI SensorTag data with Logentries and NodeRed

Learn how to send IoT Data from the TI CC 2650 SensorTag to Logentries (using Node-Red). This is the first of a series of IoT blogs that show you how easy it can be to integrate a range of real sensor devices with Logentries and how to use the data from those devices once it is in Logentries. This follows the earlier blog showing why a centralised logging service would be useful for IoT developers and users. This series of blogs will show ju

2 min IoT

CVE-2015-7547: Revenge of Glibc Resolvers

If you've been involved in patch frenzies for any reasonable amount of time, you might remember last year's hullabaloo around GHOST, a vulnerability in glibc's gethostbyname() function. Well, another year, another resolver bug. gethostbyname(), meet getaddrinfo() This time, it's an exploitable vulnerability in glibc's getaddrinfo(). Like GHOST, this will affect loads and loads of Linux client and server applications, and lik