It’s that time of year again where Cupid’s arrow strikes and love is in the air. Unfortunately, with love also comes a slew of scams. People trying to take advantage of your emotions and get money out of you. This Valentine’s Day, be aware of the different scams that may be targeting you. We’ll cover how to avoid fraud, catfishing and other techniques used by scammers this Valentine’s Day. Prefer a video over a good read?
An industry with a vast amount of disciplines and specialisations is likely to make newcomers apprehensive when starting. An individual may consider the many paths they wish to walk down and become encumbered with feelings of fear and doubt in their abilities. This is a position that many cyber-security professionals are likely to find themselves in.
We’re kicking off a new series of blogs featuring some of the best live and recorded content from our consultants with Alex’s ‘The Kill Switch’ talk as seen at the Future of Cybersecurity Event. Alex talks us through a hackers methodology. Focusing on threat sources, threat actors and how to analyse said threats. He then walks through the methodology known as ‘The Kill Chain’.
First off, before we get into the technical details of attacking applications, a few housekeeping bits must be understood. This blog is aimed at technical individuals that already understand at a basic level Android development and architecture, aiming to give security testers and application developers an insight into the ways an attacker may interrogate code to achieve some form of compromise.
It was early 2003 in central Iraq, a couple of hours before dawn, 30 degree heat, and everything had a green tint through the night vision goggles. I was on an operation with a team from the US Psychological Operations forces (psyops) and an ODA (Operational Detachment Alpha) from the US Special Forces. We'd spent days gathering HUMINT (Human Intelligence) and undertaking reconnaissance on the target. The ODA team was set up for the assault, the psyops were ready to run diversionary tactics and I was on the team providing comms and perimeter security. Authorisation was given from above, the operation began, and the sky lit up with tracer rounds.
On 3rd November, Bleeping Computer reported that the BlackMatter Ransomware-as-a-Service group had posted a message alerting users that its operations were ceasing within 48 hours. The message advised affiliates to obtain their decryption keys so that they could continue to extort current victims.
It used to be that technological innovations such as the internet made the world smaller and bought us all closer together. Sadly, that augmented ability to reach others brought with it a new avenue for unwanted and unpleasant interactions. In 2021, a study by Sapio Research on behalf of Respect in Security, showed around one third of cybersecurity professionals claimed to have personal experience of harassment, either online or in the workplace.
It has been reported that the hack that took down the largest fuel pipeline in the United States and led to fuel shortages across the whole of the East Coast was the result of a single compromised password that was leaked on the Dark Web through a data breach. On April 29th 2021, hackers gained access to the network of Colonial Pipeline Co. via a Virtual Private Network (VPN) connection that allowed the hacker remote access to the corporate network.
On 15th April we were delighted to attend the Digital City Awards online ceremony where we scooped two wins, the Cyber Security Project of the Year and the major award category, The Digital City Innovation of the Year Award. This award recognises the novel product or service which has revolutionised the way things are done and made a real difference in its intended field.
The final part of this mini Red Team blog series discusses the benefits a Red Team Assessment will bring to your organisation. A security test of any sort is ultimately designed to see how your business can mitigate and learn from any issues found. Yes, compliance can come into this and passing and failing a test is a factor but creating a strong infrastructure to protect the business and customer interests is the key factor here.
