About epadmin

This author has not yet filled in any details.
So far epadmin has created 10 blog entries.

Malicious Ads remain a large threat to Organizations

2018-05-15T18:43:23+00:00Categories: Threat Intel|

So far, 2018 is shaping up to be a year in which malicious advertising is growing and spreading throughout the web. Threats are becoming more and more sophisticated, with home and corporate web surfers being tricked into clicking on innocent looking ads and unknowingly installing malware on their computers, or triggering other kinds of attacks. Many people and companies haven’t [...]

Vulnerabilities in Windows Graphics component allows for Remote Code Execution (CVE-2018-1010)

2018-04-11T23:02:53+00:00Categories: News and Updates|

Microsoft has released a critical security update patching five critical Vulnerabilities in the Font Library of the Microsoft Graphics component. The vulnerabilities affect all currently supported versions of Windows. Microsoft was able to develop and release patches before the vulnerabilities were publicly disclosed, and has released a notice addressing the following CVE's: CVE-2018-1010 CVE-2018-1012 CVE-2018-1013 CVE-2018-1015 CVE-2018-1016 The vulnerabilities exist [...]

Critical Remote Code Execution vulnerability in Cisco IOS, Cisco IOS-XE (CVE-2018-0171)

2018-04-06T15:32:36+00:00Categories: News and Updates|Tags: , |

A critical remote code execution vulnerability has been discovered in Cisco's Smart Install Client code. Remote attackers can leverage this vulnerability to execute arbitrary code without any authentication. This can also be used to create Denial of Service conditions. The vulnerability was initially presented at GeekPWN 2017 Hong-Kong May 13th, 2017, and was patched by [...]

Critical CPU Vulnerabilities Meltdown and Spectre Allow Access to Sensitive Data

2018-04-06T15:33:00+00:00Categories: News and Updates|

Spectre CVE-2017-5753 -- CVE-2017-5715 Meltdown CVE-2017-5754 What are Meltdown and Spectre? Meltdown and Spectre are a set of critical vulnerabilities found in the design of processors dating back to 1995. Both vulnerabilities were discovered independently and announced together to allow vendors to develop and distribute patches. Meltdown, the more serious of the two, allows an attacker [...]

ElevatedPrompt on Risk it podcast with Brayden York

2017-04-24T17:01:12+00:00Categories: News and Updates|

ElevatedPrompt's CEO, Jason Ng, is featured in this week's Risk it podcast with Brayden York. Discussion on cybersecurity and risk. http://www.baseportfolio.com/riskitpodcast/15-cyber-breaches-and-proactive-protection-with-jason-ng Cybersecurity awareness and visibility is a vital part of keeping your organizations secure. Find out how ElevatedPrompt can help your organization today.

DDoS Pearl Bot Unravelling with EPSTACK

2017-03-16T22:55:09+00:00Categories: Threat Intel|Tags: , , , |

Threat hunting provides us with threat intelligence data on potential attacks and allows us to stay ahead of the cat and mouse game of cybersecurity. By understanding emerging threats, we are better able to protect our critical assets. elevatedprompt utilizes a multi-layer approach to proactive cyber defence, and by leveraging of our log management and threat intelligence platform – EPSTACK, we are [...]

Secure SSH with 2-Factor Authentication

2017-04-17T15:38:16+00:00Categories: How To's|Tags: , |

Disclaimer: This article applies to Debian based Linux and Ubuntu variants Does not work if the user’s home drive is encrypted Getting started: I will be demonstrating how to use the Google authenticator PAM module for 2 factor. Google uses a time-based OPT algorithm and it does not phone home to work. You will need an Android or iOS device [...]

SSH Tunneling & Secure Browsing: Part III

2017-03-16T22:55:43+00:00Categories: How To's|Tags: , |

This time I will go over setting up SSH client in Linux, setting up key pairs and how to implement keys for authentication in Linux. Setting up tunneling in Linux is as easy as typing in: ssh -D 8080[:127.0.0.1] [email protected][:port] example: ssh -D 8080 [email protected]:443 In the above example my server is listening for SSH requests on port 443 instead of [...]

SSH Tunneling & Secure Browsing: Part II

2017-04-17T15:34:57+00:00Categories: How To's|Tags: , |

If you have completed Part I, you should have a running SSH server ready to tunnel all your needs. If you are on a PC running Microsoft’s Windows operating system like me, download PuTTY 0.62-installer.exe from http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.62-installer.exe and install it. PuTTY will be our SSH client and we are going to cover: Password Authentication Asymmetric Key based authentication (RSA) The [...]

SSH Tunneling & Secure Browsing: Part I

2017-03-16T22:58:12+00:00Categories: How To's|Tags: , |

Checking your Facebook page from Starbucks? Checked your banking information from the Hotel WiFi? Or are you going to Defcon this year?  Public internet is not secure and there is a need for secure browsing. There are many ways to achieve this and Obfuscate the traffic for eavesdroppers and protect ourselves against Man In The Middle (MITM) attack. After trying a [...]

Come by our booth March 13 & 14, 2017 at BSides Vancouver, a two-day, high-caliber gathering for information security professionals, hackers, coders and the greater tech community. link to https://bsidesvancouver.com/