Lares Top 5 Penetration Test Findings For 1H 2019 – Analyzed the similarities between the most frequently observed methods to facilitate access in the first half of 2019 (1H2019).
Jupyter Descending – An analysis of remotely accessible and unprotected Jupyter notebook servers.
The 2015 Internet of Things In The Enterprise Report – A worldwide data-driven security assessment of Internet of Things (IoT) devices and infrastructure found in businesses.
Hello Barbie, Hello Security Issues – Detailed research into the security and privacy vulnerabilities surrounding the Hello Barbie connected toy from Mattel, Inc.
XCodeGhost ‘Materializes’ on App Store – Analysis of the C2 domains from the perspective of the OpenDNS Global Network Infrastructure.
Five Things To Know About The Tesla Motors Compromise – Deep dive analysis into the teslamotors.com website redirection to a server hosted in Amsterdam.
Investigating A Malicious Attachment Without Reversing – An example of using some free tools and DNS logs to expedite the analysis process.
Google Search Page In Vietnam Hijacked – Analysis of Lizard Squad hijack and redirection of google.com.vn domain.
Fessleak before It Was Cool – Analysis of malicious activity surrounding the Fessleak threat actor Michael Zont.
Visualizing 2014 Attack Data – Sample of some of the most publicized and prominent events that affected the Internet at large in 2014.
Internet of Things (IoT) meets the Internet of Holidays (IoH) – Findings through the lens of the Internet of Things (IoT) connected devices, home automation products, toys, and wearable devices leading up to the 2014 Holiday season.
Point of Sale Breach Timeline – Analysis of point of sale (PoS) breaches that have occurred over the years.
Gameover ZeuS Switches From P2P to DGA – Detailed analysis of Malcovery findings related to Gameover ZeuS post Operation Tovar.
Xerox Printer Beacons And The Importance of Documentation – Detailed analysis of Xerox printer DNS beacons to the public Internet.
If Syria Falls Off The Internet, Does Anyone Notice? – Analysis of a major disruption in DNS queries for the Syria (SY) country code top-level domain (ccTLD).
Determining Cloud Service Provider property values using real estate economic models and the exposed attack surface area of neighboring guest instances – Paper detailing how the economic models used to derive real estate property values can be adjusted and applied to Cloud Service Providers (CSP) pricing to help determine more accurate valuation of guest instances and the region in which they operate.
Security and the Cloud 2012 – Results of the survey of 201 IT professionals regarding their concerns and insights on cloud use and security.