The HSBC Breach and Data Classes
by Reflare Research Team on Nov 9, 2018 3:37:00 PM
Personal data such as customers' names, addresses, social security numbers, date of birth, and account numbers along with other non-financial information is believed to have been accessed during the breach period. First Published 9th November 2018 The world's local bank make news head …
An Update on the British Airways Breach and the Difficulty of Estimating Breach Numbers
by Reflare Research Team on Nov 2, 2018 3:35:00 PM
“How many people were affected by the British Airways data breach?” That has been the million-dollar question for some time, but providing decent estimates in moments of crisis is hard. First Published 2nd November 2018 BA addresses the fallout. 4 min read | Reflare Research Team A st …
Cathay Pacific and Reading Between the Lines of Breach Reports
by Reflare Research Team on Oct 26, 2018 3:33:00 PM
Cathay Pacific Airways, a Hong Kong-based airline revealed that it was recently the victim of a cyber-attack that exposed the personal data of its users. "What are the details" you ask? Well, that's an interesting question. First Published 26th October 2018 Airlines are clearly a popu …
Updates on Supply Chain Level Backdoors and Magecart
by Reflare Research Team on Oct 12, 2018 3:29:00 PM
It appears that the supply chain level backdoor has been thought of as a viable business model for quite some time. And now people (and governments) are asking the pointy questions. First Published 12th October 2018 For a nostalgic feel, Supermicro's latest quantum prototype comes in …
The Risk of Hardware Backdoors
by Reflare Research Team on Oct 8, 2018 3:28:00 PM
If the Bloomberg report is true, this means that American companies aren’t the only victims of hardware tampering. This is a real threat that’s been growing for years, and multinational companies are at risk. First Published 8th October 2018 These aren't the droids you're looking for. …
Facebook's 'View As' Breach
by Reflare Research Team on Oct 1, 2018 3:26:00 PM
In extreme cases, an attacker could use this access to take over the accounts of the people they are spying on - read their private messages, post things on their behalf, and play havoc with their digital lives. First Published 1st October 2018 Access tokens - kinda important to get r …
Formalised Offensive Cyber Strategies
by Reflare Research Team on Sep 21, 2018 3:24:00 PM
The US Department of Defense Cyber Strategy serves as DoD's next step toward re-engineering cyber operations to protect and defend its networks and systems. This is the first time the DoD has had a clear direction on how it will address its cyber needs. So tell me, where's your plan? …
Old Attackers, New Targets - The British Airways Breach
by Reflare Research Team on Sep 14, 2018 3:22:00 PM
The site was extremely well designed and did not feel at all ‘spammy’ to use – indeed, on the surface it felt reassuringly professional, with a slick revolving banner of destinations. It just clearly wasn't British Airways. First Published 14th September 2018 The world's favourite air …
Attack Realities - Browser Plugins and Risk
by Reflare Research Team on Sep 7, 2018 3:20:00 PM
The MEGA Chrome extension for file hosting included JavaScript code designed to monitor web traffic in order to steal the user’s login credentials from a large selection of sites. First Published 7th September 2018 Guilty by extension. 3 min read | Reflare Research Team On September 4 …
Audits, Attacks and False Positives
by Reflare Research Team on Aug 24, 2018 3:16:00 PM
Recently, several security companies detected phishing pages using the name of a core DNC system. These pages attempted to trick users into providing their login credentials by spoofing the legitimate login page for a Democratic Congressional Campaign Committee (DCCC) application buil …