Author: Jim Broome

Harvesting Cb Response Data Leaks for fun and profit

Carbon Black’s Cb Response product is one of the more popular endpoint detection and response (EDR) tools available in an ever-growing marketspace. However, as a function of how the tool is architected, it is also a prolific data leaker. This threat report blog will help security organizations understand how our vulnerability assessment experts harvested data…

Finding Gaps Within Your Endpoint Protection Solution

With CIA Hacking Methods Leaked, Should You Worry?

The news that WikiLeaks released hundreds of documents revealing the CIA’s methods for hacking into smartphones and other Internet-connected devices has received global attention. So, what does the average person need to do to protect themselves if they are an Apple, Android or smart home gadget user? Some vendors have been proactive in publicly disclosing…

Passwords, The Need to Do Better

With today’s announcement of the FriendFinder Network website hack and the announcement that over 412 Million passwords were cracked, there is and will be a lot of discussion about the need for better protection of passwords at rest. While this is true, we caution that one of the most common issues that get lost in this discussion…

Information Security Challenges for 2017

So, as we come to the end of 2016, it is time to start looking ahead to the security challenges our customers will face in 2017. 2016 was full of security events from the hacking successes that made the news during the election year, to the deluge of ransomware that everyone is facing, to the…

2016 – A Year for Change

It is that time of the year again, when we force ourselves to stop for a moment and reflect on the events and technologies that we have encountered over the past year then adjust our service offerings to better meet the needs of our clients and the information security industry as a whole. In our…

SuperSerial-Active – Java Deserialization Active Identification Burp Extender

Definitively Identifying Java Deserialization Vulnerabilities [Part 1 of this blog series can be found here: Deserialization Passive Detection] To help our customers and readers definitively identify Java Deserialization vulnerabilities, we have created an additional Burp Suite Extender called “SuperSerial-Active” to complement our previous release of “SuperSerial-Passive” (https://github.com/DirectDefense/SuperSerial). Unlike the previous extender, which only passively identifies potential instances…

SuperSerial – Java Deserialization Burp Extension

Locating your Java Deserialization Issues [UPDATE: Part 2 of this blog series can be found here: Deserialization Active Identification] The weekend started off with a bang for some when Foxglove Security posted a blog pertaining to Java Deserialization issues. For application security folks, we just have to shake our heads once more. It comes as no surprise that…