Jacob Williams (Jake)
380 followers
I hunt malware, reverse engineer code, and other such awesome things.

It's 10pm, do you know where your API keys are?
Yesterday, the social media archival service Timehop announced that they had suffered a breach. The service allows users to look back through their social media feeds to see what was happening last year for instance. In order to facilitate this, Timehop sto...

DrupalGeddon 2.1 and the state of vulnerability management
If you’re running Drupal 7.x, 8.4.x, or 8.5.x, a new patch was released Wednesday. The patch was rated Critical with a score of 20/25. The Drupal team notified users two days before the patch was released so they could be ready to patch. The patch went liv...

New Windows 7 and Server 2008R2 out of band patch
Microsoft usually only issues patches on the second Tuesday of every month (so-called “Patch Tuesday”). However, when there is a vulnerability that is being exploited in the wild (or is likely to be) Microsoft may issue an out of band patch. That’s exactly ...

Atlanta government was compromised in April 2017 - well before last week's ransomware attack
Last Thursday, the City Of Atlanta suffered outages from a ransomware attack. During the press conference (recorded here), city officials indicated that they were invested in cyber security. They noted that they were working with state and federal law enf...

Countering Russian cyber influence operations
Last Friday in SANS NewsBites, I saw an article talking about how NSA has not taken any action against the reported Russian cyber influence operations in US elections. Many laypeople have commented to me that the US can’t continue to operate in an environm...

Vulnerability disclosure – did we get it right with Meltdown and Spectre?
Today Rendition Infosec is releasing a blog post that we started writing more than a month ago. Why now? The dust has settled, that’s why. Prior to the dust settling on Meltdown and Spectre, we think this very important conversation would have been lost in ...

Top three considerations when limiting local administrator rights
Ideally we would always remove administrator rights from all users. But in the real world, we unfortunately must deal with years of technical debt and poor architecture decisions that make the complete elimination of administrator rights difficult (or finan...

Infosec Advent Challenge #14 - syslog intrusion analysis
We've posted the 14th challenge in the "Infosec Advent" series. This one is a Linux server intrusion case. You get syslog and auth.log. Unfortunately that's all that was being forwarded. We have some Linux syslog and authentication logs download here. Downl...

Infosec Advent Challenge #13 - web server intrusion analysis
We've posted the 13th challenge in the "Infosec Advent" series. This one is a web server intrusion case where we will ask you to analyze the logs and let us know what you find. We have a set of web server logs that you can download here. Download and analyz...