• 1
  • 2
  1. How to Break Into Security
  2. AnalyzePDF - Bringing the Dirt Up to the Surface
    What is that thing they call a PDF? The Portable Document Format (PDF) is an old format ... it was created by Adobe back in 1993 as an open standard but wasn't officially released as an open standard (SIO 32000-1) until 2008 - right @nullandnull ?  I can't take credit for the nickname that I call it today, Payload Delivery Format, but I think it's clever and applicable enough to mention.  I did a lot of painful reading through the PDF specifications in the past and if you happen to do the same I'm sure you'll also have a lot of "hm, that's interesting" thoughts as well as many "wtf, why?" thoughts.
  3. Siphoning Data
  4. Major Bash Vulnerability Affects Linux, UNIX, Mac OS X
    As a heads-up, a critical Bash Vulnerability (CVE-2014-6271) was posted to the OSS Security Mailing List yesterday.  This is being reported as affecting every version of Bash (Linux, Unix, & Mac OS X).  It is advised to update Bash as soon as a patch is available on affected systems.  RedHat has already released patches.   Links: http://seclists.org/oss-sec/2014/q3/650 https://threatpost.com/major-bash-vulnerability-affects-linux-unix-mac-os-x/108521 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271 https://access.redhat.com/security/cve/CVE-2014-6271
  5. threat_note Announcement | Beta Release
    As some of you may have seen, I've been working on a new tool for security researchers to add, store and retrieve indicators pertaining to their research and analysis. Well, I'm excited to announce it's finally onGitHub and ready to be used by analysts. Please note, it's heavily in beta release right now, and there's countless things wrong with it. I'm hoping by announcing it and hosting it, others can start contributing to it and improving in areas where I lacked. This is my first adventure into web development, so I'm sure there's plenty of things that suck.
Cyber Defense and Response

Computer Defense & Response

Defense Point Security has expertise and a proven track record performing all areas of Computer Network Defense (CND). DPS understands the cyber security challenges faced by our customers, particularly pertaining to the ever-changing and persistent threat landscape that has continually increased over the past several years.
Security Engineering & Architecture

Security Engineering & Architecture

Whether a new solution is being designed or existing tools are to be utilized, DPS excels in performing integration of best of breed technologies to allow our customers to realize rapid returns upon their IT investments.
Information Security

Information Security

Our security professionals have successfully implemented FISMA requirements by reaffirming oversight compliance directed by Federally mandated laws, regulations, and directives that govern development and guidance of federal information system security practices.
Cyber Operations

Cyber Operations

The best defense isn’t a good offense, it’s a great one. Our highly trained and experienced team conducts offensive operations across a variety of networks and systems, providing ground truth about an environment’s security.
Managed Services

Managed Services

As Cyber Security grows more critical and complex to manage and operate, Defense Point Security, LLC (DPS) has created the DPS SHIELD: a suite of comprehensive Managed Security Services (MSS) customized to protect customer data and systems.
Research and Development

Research and Development

We choose to lead from the front and refuse to become complacent in the constantly evolving cyber security industry. Being in touch with, and delivering, state of the art security services and solutions to our customers pushes DPS to actively participate in the leading edges of security research and development.