What is Cyber Warfare?

What with the current news around the events in Iran, the security level has been raised across most of the western world. With the heightened security levels, we can also expect cyber attacks from nation-state actors based in Iran and the Middle East on western infrastructure. This blog has been in my backlog for... Continue Reading →

A Review of 2019

What a difference 365 days makes. 2019 has been an eventful year for cyber security professionals with a number of new threats emerging as well as an escalation in ransomware and level of data breaches as well as all the normal threat vectors. IoT has also featured heavily in the cyber security landscape. But first... Continue Reading →

Open Redirects & Malware Installers

This week I noticed a report on how malware could be downloaded and installed using an Open Redirect from Cisco. Let's first define what an Open Redirect is. An open redirect is when a legitimate site allows unauthorized users to create URLs on that site to redirect visitors to other sites. For example, Google has... Continue Reading →

Domain Typo Squatting

I would like you to take a look at the following web address: What do you see? Do you see microsoft.com? You would be very wrong if you did. Zoom in on the above picture. This address is actually RNICROSOFT.COM and not the address you first thought of. UNDER NO CIRCUMSTANCES GO TO ANY ON... Continue Reading →

Malware 101 – A Pocket Guide

This post is a general round-up of the various types of malware that are in circulation today. Typical types of malware are: Backdoors, File-less Malware, Key Loggers, Ransom Ware, Root Kits, Trojan Horses, Viruses, Wipers, Worms. This can also include social engineering methods, which are often used to get the first foothold in installing some form of malware.... Continue Reading →

Malware as a Service (MaaS)

In the era of cloud computing, where we see all forms of online services provided for a subscription, it is probably not surprising that we see dark net services providing malware as a service. While not necessarily something most of us would want to subscribe to, there are dark web sites that provide forms of... Continue Reading →

Precautions to Take with USB Devices

Today we totally rely on USB-based devices to run our lives. Our phones charge using a USB cable, we connect flash drives through a USB connection to our PCs and phones. We even attach WiFi dongles and ethernet adaptors using USB. USB is also evolving into faster data transfer speeds to the point now... Continue Reading →

Link Tracking in Popular Browsers

Updated 20 April 2019 and 22 April 2019. Updates embedded in the original post and some areas reworded/trimmed to aid clarity. Several major web browsers (specifically Chrome, Safari and Edge) are all enabling a tracking feature by default and removing the means to disable it. This is the hyperlink auditing, or ping, feature in HTML5... Continue Reading →

ASUS Updater Issue

It has been broadly reported in the technical press that the ASUS automatic updating software for its PCs has been infiltrated by malware and has been widely distributed to ASUS PCs and laptops. I personally think this is a storm in a teacup, as the details of this imply that only 600 PCs would... Continue Reading →

Removing Malicious Apps from Android

Over the past few weeks cyber researchers have discovered a number of apps in the Android Play Store that were infected with a form of adware that had the nasty capability of hiding itself from the app list. The adware, which security firm Check Point calls “SimBad,” creates a backdoor and allows its creator to... Continue Reading →

Coinhive Takedown

Coinhive, the Crypto mining service that offered web developers a JavaScript library to mine the Monero cryptocurrency, has announced that it is to shutter the service on 8 March 2019. The site quotes its reason for the shutdown as: "The drop in hash rate (over 50%) after the last Monero hard fork hit us hard.... Continue Reading →
