Research

The Fifth Third Bank Breach - Banks and Insider Threats

We’re starting to see a pattern emerge in the reporting that financial institutions use when they’re breached. Fifth Third Bank, one of the top 20 banks in the US, is yet another high-profile organisation to have suffered a major security incident. First Published 25th February 2020 | …

Stop 3rd Party Security Vendor Backdoor Leaks Before They Bite

Several major networking equipment providers were found to have backdoors in their firmware that exposed private keys and even allowed remote code execution. If you’re not yet worried, then you’re not paying attention.

The Black Market for Accounts

While black markets have existed since the early days of the internet, recent technological changes have made them a much more lucrative and popular option than before. The value of credentials for services like Disney+, Netflix and AWS will continue trending upward as long as there’s …

InterContinental Hotels Group Card Data Hack

If reports were correct, this was one of the hospitality industry's largest data breaches to date. With nearly 1,200 hotels affected, the breach was large enough to reach out and touch a significant portion of the 61 million IHG stays per year. First Published 20th April 2017 | Latest …

Cybercrime in an Interconnected World

Cybercriminals are not confined to one region or culture, but operate throughout the interconnected world to capitalise on evolving opportunities to steal customer data and transfer funds. Published 25th May 2016 | Latest Refresh 13th September 2022 A web that reaches from a pocket in …

Proof of Attack vs Proof of Attacker

When a system is said to be under attack or compromised, or a breach is suspected or detected, is it even possible, given the physical and technical challenges, to prove who did it? First Published 15th December 2016 | Latest Refresh 13th September 2022 Sufficient due process to separ …

The FriendFinder Hack and the Value of Customer Data

FriendFinder was the victim of a cyber attack leading to a data leak, including usernames and passwords for 412 million accounts. The hack is one thing, but the blackmail! Oh, the blackmail. First Published 16th November 2016 | Latest Refresh 13th September 2022 Stephen, 31, persists …

The Accessible Guide to Penetration Testing

For years, penetration testing was viewed primarily as an activity for large and complex companies. Now that it is significantly more accessible, smart (and less sophisticated) businesses are baking it into their business-as-usual activities even as early as the point of their creatio …

Cybersecurity Recruitment, Education, and Neurodiversity

Companies are screaming for new cybersecurity professionals to join their teams. However, they are going out of their way to make their recruitment as difficult as possible.

The Blind(ish) Eye of Local Government Cybersecurity

The level of understanding many state and local agencies possess about their cybersecurity capabilities is disturbing. We asked why they knew so little, and the answers we received made us cringe with despair. First Published 31st January 2022 | Latest Refresh 1st September 2022 "Ever …

Hackable Medical Implants and Somebody Else's Fault

Those of you into (anti)lifehacking might have already heard about the exploitable risks with implantable cardiac devices. This is no longer a "once in a blue moon" kind of attack, but something that the medical implant industry really needs to get on top of. First Published 10th Augu …
