I brag about how awesome infosec is. More often than not I will complain about a thing or two. Basically, no catchy lines here, just some honest thoughts and advice.

A Healthy Dose of Ransomware

Healthcare continues to be a prime target for ransomware. All hospitals, small and large, seem to be on a hit list. Hospitals around the U.S. are reporting ransomware incidents. In fact, HHS has stepped in with its guidelines on ransomware and claims a ransomware incident is a data breach unless the hospital can prove no data exfiltration...

Stop Using MS Word/Excel "Restrict Editing" Option

Clarification: These methods only work for documents that are "restricted for editing". They do not work for files that are "password encrypted". Microsoft Word stores password hashes and salts inside the document. Method 1: Rename filename.docx file extension to Open resulting zip file in 7zip. Navigate to word folder inside the zip file. Open settings....

Let's Talk Crypto

Cryptography is a big part of today's information security. Hence, it is important to know at least the basics. So, let's begin with some terms and their definitions. Cryptography: The art and science of making secret codes. Cryptanalysis: Analysis of secret codes. In other words, the art and science of breaking codes. Cryptology: Combination of the two above. The art...

Investigating a DNS DDoS Attack

Update: AT&T sent me a new modem which gave me a new IP address. All is fine now :) ORIGINAL POST: Last night I began noticing extreme slowness in traffic bound to Google Play Store. Strangely enough, all other network traffic was fine. Upon further investigation, I realized that my Sophos Home UTM was dropping hundreds of...

Root DNS Servers Experienced DDoS Attack with 5 Million Queries per Second

A report from Root [DNS] Server Operations or rootops published on December 4th, 2015 stated that the Internet Domain Name System’s root name servers received a high rate of DNS queries over two separate intervals. The incidents occurred on November 30, 2015 and December 1st, 2015. The queries were “well-formed, valid DNS messages for a single domain...