I brag about how awesome infosec is. More often than not I will complain about a thing or two. Basically, no catchy lines here, just some honest thoughts and advice.

Stop Using MS Word/Excel "Restrict Editing" Option

Clarification: These methods only work for documents that are "restricted for editing". It does not work for files that are "password encrypted". Microsoft Word stores passwords hashes and salts inside the document. Method 1: Rename filename.docx file extension to Open resulting zip file in 7zip. Navigate to word folder inside the zip file. Open settings....
Read More

Let's Talk Crypto

Cryptography is big part of today's information security. Hence, it is important to know at least the basics. So, let's begin with some terms and their definitions. Cryptography: The art and science of making secret codes. Cryptanalysis: Analysis of secret codes. In other words, art and science of breaking codes. Cryptology: Combination of the two above. The art...
Read More

Investigating a DNS DDoS Attack

Update: AT&T sent me a new modem which gave me a new IP address. All is fine now :) ORIGINAL POST: Last night I began noticing extreme slowness in traffic bound to Google Play Store. Strangely enough, all other network traffic was fine. Upon further investigation, I realized that my Sophos Home UTM was dropping hundreds of...
Read More

Root DNS Servers Experienced DDoS Attack with 5 Million Queries per Second

A report from Root [DNS] Server Operations or rootops published on December 4th, 2015 stated that the Internet Domain Name System’s root name servers received a high rate of DNS queries over two separate intervals. The incidents occurred on November 30, 2015 and December 1st, 2015. The queries were “well-formed, valid DNS messages for a single domain...
Read More

Big day for exploits

Nearly 90 percent of Android devices vulnerable to endless reboot bug.- Exploits a flaw in Android media players when running .mkv files only. The vulnerability affects Android versions 4.0.1 to 5.1.1 Google has already patched the vulnerability. Revamped RIG exploit kit infects 1 million PCs (27,...
Read More

The author would love to hear your comments. Let us discuss at Twitter @hashtaginfosec.