The approach of a “lessons learned” exercise is a method of continuous improvement that is based on a singular event (COVID-19) or similarly related events.

Pwnagotchi is an A2C-based “AI” powered by bettercap and running on a Raspberry Pi Zero W that learns from its surrounding WiFi environment in order to maximize the crackable WPA key material it captures. This material is collected on disk as PCAP files containing any form of handshake supported by hashcat, including full and half WPA handshakes as well as PMKIDs.

Having been part of the penetration testing industry for over 15 years, I’ve been challenged by many clients with this very question. The fact is that they are right, a penetration test is a point-in-time assessment and new vulnerabilities are discovered every day. We hope that our patch and vulnerability management processes along with our defensive controls keep our systems secure.

Before the current reality of rapidly implementing solutions that support “social distancing” and “self-isolation,” IT organizations were overloaded; do we stand a chance today?  Failure is not an option, and we can all use some help now and then; many organizations need help right now!  SynerComm has a long history of partnering with customers to overcome these challenges.

Most enterprises are getting slammed with employees working from home. Most of us designed our remote user VPN’s for the occasional "snow day" ...right. Now we have an entire workforce, working from home full time for weeks…maybe months …oh yeah, and using a full suite of applications including voice… crazy. No really!

As the business world reacts to the current health crisis, companies are offering remote access to any role that can work from home. Taking a cue from the changing environment, cyber-criminals are already taking advantage. Here are some recommendations on continuing to practice good information security hygiene as more of the access moves outside of the physical office.

We all know the stats of the Coronavirus, although they are changing by the minute. We know what to do personally and for our families but what about for our Company? Many customers do have Business Continuity Plans or Enterprise Risk management plans, but do they include plans for a Pandemic such as this?

Palo Alto Networks firewalls have the ability to create security policies and generate logs based on users and groups, and not just IP addresses. This functionality is called User-ID. User-ID™ enables you to map IP addresses to users on your network using a variety of techniques.

From a quick assessment on what has been published thus far on the CMMC regulation and its overall goal, it appears that contractors lack of information security will no longer be tolerated by the DoD. Beginning with the introduction of the new regulation to the public in January of 2020, it is expected that new contractual requirements will include CMMC starting in June of 2020, and enforcement for current contractors starting in September of 2020.

One of the greatest, yet seemingly unknown, dangers that face any cloud-based application is the deadly combination of an SSRF vulnerability and the AWS Metadata endpoint. As this write up from Brian Krebbs explains, the breach at Capital One was caused by an SSRF vulnerability that was able to reach the AWS Metadata endpoint and extract the temporary security credentials associated with the EC2 instance's IAM Role.