Kevin Creechan (RawInfoSec)

Running macOS High Sierra?

Drop what you're doing and change the root password ASAP.

sudo passwd -u root

Here comes #BadRabbit. Yet another piece of robust malware using Flash as an entry point.

We've recommended removing Flash for a couple of years now. Here are some instructions on removal from various operating systems and browsers.

You're going to hear about a WiFi vulnerability in the WPA2 protocol. It's a pretty serious bug.

RawInfoSec have always treated any WiFi network as an untrusted network, as it's relatively weak in many other areas. This new vulnerability really doesn't change anything for us; we still treat any business WiFi network as an untrusted segment and treat it accordingly to mitigate the associated risks.

Contact RawInfoSec today to find out how your business can safely utilize the convenience of WiFi without the risk.

Turn off Bluetooth and wait for an update.

News about iOS being immune is false. If you're not running iOS 10 you are vulnerable.

Another reminder why you don't use consumer-grade (i.e. anything found at Best Buy) equipment for your network!

WannaCry 2.0 is out in the wild, with the killswitch removed.

Don't stop patching, incredibly important to complete.

Major ransomware attack sweeping the globe today. Thousands infected already.

Disconnect any backup or external storage systems. Make sure you have updated ALL systems before reconnecting. We're looking at the NSA SMB exploit being the core exploit used, patches released in March... no excuse for this level of success in an attack.

Update: C2 is down. For now. Expect it to have a safeguard though, continue mitigation.

Have any HP machines? Might want to disable the audio driver's keylogging capabilities.

New(ish) attack on Gmail users.

Received an email from one of your contacts saying they've shared a document with you? If clicked, the web app will try to obtain OAuth permission to your Gmail account.

Don't click.