Reflare Research Team

Posts by Reflare Research Team

Ships, Update Cycles, and the Reliance on Guidance Systems

Multiple parties are looking into ways of disrupting GPS, and especially GPS-related systems. However, this attack is notable because it demonstrates how cyber attacks can leverage wireless communication systems that were not designed with security in mind. First Published 8th June 20 …

Read Story

How to Review and Improve Your Cybersecurity Training Processes

How to Review and Improve Your Cybersecurity Training Processes

Continuously improving your IT security training program is a very noble cause. However, most training leaders do not have sufficient processes in place (beyond what's in their own heads) to drive meaningful and coherent change.

Read Story

Attacks Against Infrastructure & Mortal Consequences

The world is heading towards a dangerous crossroads in cyber security. A future in which, more and more, critical physical systems - whether machinery or utilities - have a direct impact on human life. First Published 1st March 2021 | Latest Refresh 15th January 2023 It seems hackers …

Read Story

Why TPPs Matter and Attributions Do Not

Attribution is hard, and even when done successfully, it's often wrong. Instead, understanding the tactics, techniques, and procedures (TTPs) of threat actors can help you look for indicators of compromise, and help you prepare for future attacks.

Read Story

The Pros and Cons of Password Managers

The Pros and Cons of Password Managers

Some people feel uncomfortable with the idea of entrusting all their passwords to a third-party software program. Simultaneously, others feel the convenience of generating, storing, and encrypting strong passwords, reduces the risk of their credentials being stolen. But regardless of …

Read Story

The Leyman's Guide to Fuzzing

Fuzzing can (among other things) be used to expose software bugs, test browser security, and perform static program analysis. However, as the types of fuzzers continue to expand, so do their use cases.

Read Story

How to Condense Your Cyber Security Training Scope

The range of IT securities capabilities you can train for is limitless, and some domain areas are more valuable than others. Therefore, the right question is not "What training do you want", but "What training is good for you".

Read Story

On Drones and Physical Security

On Drones and Physical Security

As commercial and non-commercial drones become more commonplace, so do their dubious applications. We profile several crimes enabled by drones, and how security professionals must now consider the physical implications of defending against such an attack.

Read Story

A Warning Tale on IT Security Reporting

Well-intentioned media organisations push hard to break stories in real-time, but at what cost? Inaccurate reporting, insufficient context, and no quality control often lead to misinformation and outright confusion.

Read Story

The Fifth Third Bank Breach - Banks and Insider Threats

We’re starting to see a pattern emerge in the reporting that financial institutions use when they’re breached. Fifth Third Bank, one of the top 20 banks in the US, is yet another high-profile organisation to have suffered a major security incident. First Published 25th February 2020 | …

Read Story

Subscribe by email