Reflare Newsroom and Analysis Archive

Get IT security news to your inbox

Reflare writes to their friends each week with the latest infosec and security breach analysis

2021-03-01 - Attacks Against Infrastructure & Mortal Consequences

2021-02-12 - 3rd Party Vendors Add Hard to Calculate Information Security Risks

2020-10-07 - Docomo E-Money: The Risk of Changing Parameters

2020-09-01 - Twitter, 17-year-olds, and the difference between a hack and a cover-up

2020-07-30 - The Aftermath of the Twitter Hack

2020-06-23 - Vault 7 - Why Professional Attackers Are Not Good Defenders

2020-05-26 - How a Multi-Stage Cyber-Attack Works

2020-05-12 - COVID-19 Tracking Apps

2020-04-28 - The SBA Breach - Why Breaches Increase During Crisis

2020-04-02 - Hacking Smear Campaigns and their Effects

2020-03-23 - Covid-19 and Cyber Attacks

2020-03-10 - Hard to Verify Claims of Hacking Go Both Ways

2020-02-25 - The Fifth Third Bank Breach - Banks and Insider Threats

2020-02-10 - The Iowa Primary from an Information Security Perspective

2020-01-31 - The Inevitability of 'Shlayer'

2020-01-17 - I'm Afraid You Have 'State Actor'

2020-01-08 - The Changing Meaning of 'A Hack'

2019-12-12 - The Worst S3 Bucket Breach - So Far

2019-12-03 - The Black Market for Accounts

2019-11-21 - The Commoditization of Hacking

2019-11-08 - Voting Machines - Absolutely everything is a tradeoff decision

2019-10-30 - Putting Breach Awareness into a Historical Context

2019-10-23 - Strong Adversary Fiction

2019-10-16 - On Bad Solutions and Negative Returns

2019-10-09 - Thinking of Cyber Security in Relative Terms

2019-10-02 - The Dual Nature of Jailbreaks

2019-09-25 - The Unsolvable Problem of Insider Threats

2019-09-18 - What the Ecuadorian Data Breach Can Teach Us

2019-09-10 - China, Uyghur Smartphones and the Power of State Actors

2019-09-04 - What Twitter's CEO's Own Account Getting Hacked Tells Us About Phone Security

2019-08-28 - Cybercrime in Space - Let's focus on what matters

2019-08-13 - GDPR - How Good Intentions Can (Partially) Backfire

2019-07-30 - A Warning Tale on IT Security Reporting

2019-07-23 - What is Privacy, Really?

2019-07-16 - Talent Can't Keep Up with Security Demands

2019-07-09 - YouTube Moves to Prohibit Hacking Videos

2019-07-01 - Ransomware is Still on the Rise

2019-06-24 - NASA Breach Follow Up

2019-06-17 - Telegram Messenger Hit by DDoS Attack Originating from China

2019-06-10 - On the Australian National University Breach

2019-06-03 - A Look at the Most Attacked Ports

2019-05-27 - Why Internet Voting is Still Rare

2019-05-21 - The Cost Implications of the WhatsApp Hack

2019-05-10 - When Utilities Become Cyber Attack Casualties

2019-04-30 - Washington State Passes New Data Breach Legislation

2019-04-15 - Yahoo & The Price of Breaches

2019-04-08 - The Weakness of Academic Cyber Security

2019-04-01 - Political Parties, Risk and Degrees of Attacks

2019-03-18 - Political Parties, Risk and Degrees of Attacks

2019-03-12 - Can Security Be Forced Upon Companies

2019-03-04 - Inside a Common Data Breach

2019-02-25 - Australian Parties Hacked - Pass the Blame

2019-02-18 - Russia Envisions a More Closed Internet

2019-02-11 - UK Authorities Raid DDoS Providers and Customers

2019-02-01 - Japan Intends to Preventively Hack Citizens' IoT Devices

2019-01-25 - The Risks Application Face From Central Package Repositories

2019-01-18 - A case-study on the quality of infosec reporting

2019-01-11 - The Median Cyber-Attacker isn't Even Remotely as Skilled as the Public Thinks

2018-12-21 - The NASA Hack and Areas of Expertise

2018-12-14 - Australia, Cryptography and the Dangers of Analogies

2018-12-07 - Global 4G Outages Caused by Ericsson Backend

2018-11-30 - Uber Fined for 2016 Data-Breach

2018-11-23 - The Daniel's Hosting Hack and Darkweb Security

2018-11-16 - MiSafe Child Tracking Watches and the Paradox of Buying Security

2018-11-09 - The HSBC Breach and Data Classes

2018-11-02 - An Update on the British Airways Breach and the Difficulty of Estimating Breach Numbers

2018-10-26 - Cathay Pacific and Reading Between the Lines of Breach Reports

2018-10-19 - A Look at Politically Motivated Hacks Through the Lens of the Donald Daters App

2018-10-12 - Updates on Supply Chain Level Backdoors and Magecart

2018-10-08 - The Risk of Hardware Backdoors

2018-10-01 - Facebook's 'View As' Breach

2018-09-21 - Formalized Offensive Cyber Strategies

2018-09-14 - Old Attackers, New Targets - The British Airways Breach

2018-09-07 - Attack Realities - Browser Plugins and Risk

2018-08-31 - The Trouble with Crowd Sourced Data

2018-08-24 - Audits, Attacks and False Positives

2018-08-20 - The Difficulty of Profiling Hackers

2018-08-10 - Hackable Medical Implants and Somebody Else's Fault

2018-08-06 - Reddit's Hack & The Risks of Phone-Based 2-Factor Authentication

2018-07-27 - Dealing with the Increasingly Severe Cyber-Threat Landscape

2018-07-20 - How Attacks are Escalated

2018-07-13 - An Update to the Ticketmaster Breach

2018-07-06 - How Malware Infections Happen

2018-06-29 - Ticketmaster Hack and Shifting the Blame

2018-06-22 - Smartlocks and the Challenges of Specialization

2018-06-15 - The European Commission's Exemption from GDPR

2018-06-08 - Ships, Update Cycles and the Reliance on Guidance Systems

2018-06-01 - The Challenges of Acquiring and Retaining Information Security Staff

2018-05-25 - Cryptocurrencies, 51% and a Look at the Future of Botnets

2018-05-18 - Securus, tracking and why information companies don't necessarily understand information security

2018-05-11 - Voice Assistants Re-Heating Old Security Issues

2018-04-27 - Hacked Hotel Keys - Current and Historical

2018-04-20 - Russia, Telegram and the Trouble with Censoring the Internet

2018-04-13 - A Look at the Vevo Hack

2018-04-06 - Delta, Sears and 3rd Party Risks

2018-03-30 - MyFitnessPal & The Value of Health Data

2018-03-23 - On the Grey Zones of Privacy

2018-03-16 - US-CERT Releases Alert on Russian Activity

2018-03-09 - How Small Issues Escalate - An Update on the German Governmental Hack

2018-03-02 - Cyber-Attacks hit German Governmental Network

2018-02-16 - Attackers are Humans Too - On Stealing $24

2018-02-10 - Cryptocurrency Giveaway Scams

2018-02-02 - Coincheck and Half a Billion Dollars

2018-01-26 - 10% of ICO Funding Stolen by Hackers

2018-01-19 - Heavy Industry and Information Security

2018-01-12 - Meltdown & Spectre

2017-12-15 - ROBOT Attack - Specification vs Implementation

2017-12-08 - NiceHash Hack

2017-12-01 - The u00e2u20acu0153rootu00e2u20acu009d of Security Bugs

2017-11-24 - Uber - On Paying Ransoms

2017-11-17 - DHS Hacks one of its Airplanes

2017-11-10 - Replacing Social Security Numbers

2017-11-02 - Malaysian Data Breach

2017-10-27 - Checking Boxes vs. Proactive Security

2017-10-20 - KRACK, WPA2 & Unforeseen Behavior

2017-10-13 - North Korea and the Asymmetric Power of Hacking

2017-09-29 - Deloitte Breach

2017-09-22 - SEC Breach

2017-09-15 - Equifax and Apache Struts

2017-09-08 - Critical Vulnerability in Apache Struts Affects thousands of Enterprise Applications

2017-09-01 - Pacemakers Recalled Over Hacking Concerns

2017-08-25 - The Logic Behind Suing Hackers

2017-08-18 - More HBO Hacks

2017-08-15 - The Myth of Absolute Safety

2017-08-04 - HBO Hack and Leaks

2017-07-28 - Third Party Breach Leaks Records from Italyu00e2u20acu2122s Largest Bank

2017-07-21 - Crypto currency breaches, continued

2017-07-14 - Verizon Breach and the Importance of Security Coverage

2017-07-07 - Cyber Security Challenges Faced by the Education Industry

2017-06-30 - Petya Ransomware Outbreak

2017-06-23 - More Testimony and still no Details in Russian US Election Hacking Allegations

2017-06-16 - North Korea & Why Small States Have Big Cyber Capabilities

2017-06-09 - Qatar Hack Followup

2017-06-02 - The Safety of Nuclear Submarines

2017-05-26 - Qatar, Hacking and the Never Ending Trouble with Proof

2017-05-18 - WannaCry and the Dangers of Magical Thinking

2017-05-12 - French Election Cyber Attacks and Countermeasures

2017-05-04 - Google Docs Phishing Attacks

2017-04-27 - New Hack Targeting Car Keys

2017-04-20 - InterContinental Hotels Group Card Data Hack

2017-04-13 - Hijacking of Dallas Outdoor Warning Siren System

2017-04-06 - Bail Hearing in Yahoo Hacking Case

2017-03-30 - A New Approach to Cyber Ransoms

2017-03-23 - The Changing Image of Cyber Warfare

2017-03-16 - US Indictment of 4 Alleged Russian Cyber Attackers

2017-03-09 - A Look at the Vault 7 Leaks

2017-03-02 - A Rare Glimpse Into the Mechanics of a Major Breach

2017-02-23 - Banning a Smart Doll

2017-02-16 - The Evolving Arms Race of IT Security Countermeasures

2017-02-09 - What is u00e2u20acu0153randomu00e2u20acu009d?

2017-02-02 - Further Anomalies in Russian Cybersecurity

2017-01-26 - Hacking the Radio (and other Analog Technology)

2017-01-19 - Hacking, Rationality, and the Fear of the Unknown

2017-01-12 - Escalation of Rhetoric

2016-12-15 - Proof of Attack vs Proof of Attacker

2016-12-07 - Suspected North Korean Involvement in South Korea Hacks

2016-11-30 - Attacks on San Francisco Muni and Deutsche Telekom

2016-11-24 - US Election Hacking Allegations

2016-11-16 - FriendFinder Hack

2016-11-09 - Tesco Bank Attack

2016-11-02 - Perceptions of Security

2016-10-26 - IoT Security Threats

2016-10-19 - Electoral Interference, Restrictions and Anonymity

2016-10-12 - Three Kinds of Governmental Hacking

2016-10-05 - Medical Devices and Security Issues

2016-09-28 - Cyber Security in the Mainstream

2016-09-21 - Probing the Internet's Backbone

2016-09-14 - Olympic Hacking

2016-09-07 - US Hacking Investigations and UK Password Leaks

2016-08-31 - The US Response to Cyber Attacks

2016-08-24 - NSA Hack Update & Attacks on New York Times

2016-08-17 - NSA Toolkit Leak

2016-08-10 - Oracle u00e2u20acu0153MICROSu00e2u20acu009d PoS System Hacked

2016-08-03 - Governments, Politics & Cyber Warfare Part 2

2016-07-27 - Governments, Politics & Cyber Warfare

2016-07-20 - The Security of ATMs

2016-07-13 - Mobile Games and Criminal Activity

2016-07-07 - Criminal Overlap: The Hacking Theft of Cars

2016-06-29 - Digital Polling and Public Opinion

2016-06-22 - The DAO

2016-06-15 - Government Sponsored Cyber Attacks

2016-06-08 - Zuckerberg & Password Strength

2016-06-01 - Social Media Attacks

2016-05-25 - Cybercrime in an Interconnected World

2016-05-18 - Risks of Bitcoin

2016-05-11 - Understanding the Password Black Market

2016-05-04 - Car Hacking, Foreign Hacking & Bitcoin

2016-04-27 - Cyberattacks on the Developing World

2016-04-20 - Phone Hacking

2016-04-13 - Pirates & Hackers

2016-04-06 - [RWSB] - 2016-11 Hack the Pentagon

2016-03-30 - [RWSB] - 2016-10 Brussels, Privacy & Security

2016-03-23 - [RWSB] - 2016-10 Encryption Policy & Celebrity Hacks

2016-03-16 - [RWSB] - 2016-09 - Ransomware & Soft Targets

2016-03-09 - [RWSB] - 2016-08 - Mac Ransomware

2016-03-02 - [RWSB] - 2016-08 - Ukraine Hack and Privacy

2016-02-24 - Reflare Weekly Security Briefing 2016-07 - Vulnerability in Linux & Apple vs. FBI

2016-02-17 - Reflare Weekly Security Briefing 2016-06- Activism and IoT

2016-02-10 - Reflare Weekly Security Briefing 2016-05 - Security in Politics #3

2016-02-03 - Reflare Weekly Security Briefing 2016-05 - Security in Politics #2

2016-01-27 - Reflare Weekly Security Briefing 2016-04 - Security in Politics

2016-01-20 - Reflare Weekly Security Briefing 2016-03 - Vendor Security Breaches

2016-01-15 - Reflare - Weekly Security Briefing 2016-02

2016-01-06 - Reflare - Weekly Security Briefing 2016-01

2015-12-16 - Reflare - Weekly Security Briefing 2015-51

2015-12-09 - Reflare - Weekly Security Briefing 2015-50