Reflare Research Team

Posts by Reflare Research Team

Government Eavesdropping and Onsite Backdoors

Peek-a-boo!

In the name of ‘national security’, there continues to be repeated calls for tech organisations to build backdoors into their systems to enable government access. The overarching concern is that corporations use of backdoors will undermine and weaken encryption methods, and there are …

Read Story

3rd Party Vendors Add Hard to Calculate Information Security Risks

The Solarwinds breach is a classic case that shows how hard it can be to evaluate information security risks. There are many external and internal factors that can come into play. What you don’t see might hurt you the most. First Published 12th February 2021 "And the award for the Mos …

Read Story

Docomo E-Money: The Risk of Changing Parameters

The risk of changing a set of parameters is to assume that the attackers will not try to understand the method behind the change. The Docomo E-Money attack is an excellent example with obvious consequences. First Published 7th October 2020 Connecting the dots… securely. 4 min read | R …

Read Story

Twitter, 17-year-olds, and the difference between a hack and a cover-up

Graham was able to enter a hole in a website that should have been patched. Twitter’s architecture is based on open-source software which makes it easier to find bugs and then exploit them, to which he did exactly that. First Published 1st September 2020 Ask and you shall receive. 4 m …

Read Story

The Aftermath of the Twitter Hack

The hacker's actions are reminiscent of many other incidents involving social media sites and cryptocurrency, but for Twitter users, the reputational risks can be significant. First Published 30th July 2020 Scam at scale. 4 min read | Reflare Research Team As dozens of high-profile Tw …

Read Story

Vault 7 - Why Professional Attackers Are Not Good Defenders

The skillset required to be good at offence is entirely different from the skillset required to be good at defence – in large part because the offence is focused on executing a single attack (i.e., compromising a system), while the defence is focused on preventing all attacks (i.e., d …

Read Story

How a Multi-Stage Cyber-Attack Works

Multi-stage, or hit-and-run attacks, are a common way that cyber criminals approach their victims. And, increasingly, complex organisations are the targets. First Published 26th May 2020 Well-designed attacks come in waves. 4 min read | Reflare Research Team Many sophisticated cyber-a …

Read Story

The SBA Breach - Why Breaches Increase During Crisis

The EIDL system had been breached for approximately five and a half hours. During this time, hackers gained access to sensitive business-related information. First Published 28th April 2020 Covid is a convenient distraction that attackers are taking advantage of. 4 min read | Reflare …

Read Story

Hacking Smear Campaigns and their Effects

With its user growth down 80% and accelerating and its stock price taking a nosedive, Houseparty issued a statement offering $1m for proof that recent hacking and/or breach allegations against it were part of an organised smear campaign. First Published 2nd April 2020 Fast rise, fast …

Read Story

Covid-19 and Cyber Attacks

To an extent, the Covid-19 virus has already served its purpose – to spread fear and paranoia in people. The attackers are using the opportunity to test out different ways of circumventing cyber security measures. First Published 23rd March 2020 Covid - the beautiful distraction. 4 mi …

Read Story

Subscribe by email