Government Eavesdropping and Onsite Backdoors
by Reflare Research Team on May 4, 2021 5:27:00 PM
In the name of ‘national security’, there continue to be repeated calls for tech organisations to build backdoors into their systems to enable government access. The overarching concern is that corporations' use of backdoors will undermine and weaken encryption methods, and there are …
3rd Party Vendors Add Hard to Calculate Information Security Risks
by Reflare Research Team on Feb 12, 2021 6:44:00 PM
The SolarWinds breach is a classic case that shows how hard it can be to evaluate information security risks. There are many external and internal factors that can come into play. What you don’t see might hurt you the most. First Published 12th February 2021 "And the award for the Mos …
Docomo E-Money: The Risk of Changing Parameters
by Reflare Research Team on Oct 7, 2020 6:42:00 PM
The risk in changing a set of parameters lies in assuming that the attackers will not try to understand the method behind the change. The Docomo E-Money attack is an excellent example with obvious consequences. First Published 7th October 2020 Connecting the dots… securely. 4 min read | R …
Twitter, 17-year-olds, and the difference between a hack and a cover-up
by Reflare Research Team on Sep 1, 2020 6:40:00 PM
Graham was able to enter a hole in a website that should have been patched. Twitter’s architecture is based on open-source software, which makes it easier to find bugs and then exploit them, and he did exactly that. First Published 1st September 2020 Ask and you shall receive. 4 m …
The Aftermath of the Twitter Hack
by Reflare Research Team on Jul 30, 2020 6:38:00 PM
The hacker's actions are reminiscent of many other incidents involving social media sites and cryptocurrency, but for Twitter users, the reputational risks can be significant. First Published 30th July 2020 Scam at scale. 4 min read | Reflare Research Team As dozens of high-profile Tw …
Vault 7 - Why Professional Attackers Are Not Good Defenders
by Reflare Research Team on Jun 23, 2020 6:36:00 PM
The skillset required to be good at offence is entirely different from the skillset required to be good at defence – in large part because the offence is focused on executing a single attack (i.e., compromising a system), while the defence is focused on preventing all attacks (i.e., d …
How a Multi-Stage Cyber-Attack Works
by Reflare Research Team on May 26, 2020 6:35:00 PM
Multi-stage, or hit-and-run, attacks are a common way that cyber criminals approach their victims. And, increasingly, complex organisations are the targets. First Published 26th May 2020 Well-designed attacks come in waves. 4 min read | Reflare Research Team Many sophisticated cyber-a …
The SBA Breach - Why Breaches Increase During Crisis
by Reflare Research Team on Apr 28, 2020 6:32:00 PM
The EIDL system had been breached for approximately five and a half hours. During this time, hackers gained access to sensitive business-related information. First Published 28th April 2020 Covid is a convenient distraction that attackers are taking advantage of. 4 min read | Reflare …
Hacking Smear Campaigns and their Effects
by Reflare Research Team on Apr 2, 2020 6:30:00 PM
With its user growth down 80% and accelerating and its stock price taking a nosedive, Houseparty issued a statement offering $1m for proof that recent hacking and/or breach allegations against it were part of an organised smear campaign. First Published 2nd April 2020 Fast rise, fast …
Covid-19 and Cyber Attacks
by Reflare Research Team on Mar 23, 2020 6:29:00 PM
To an extent, the Covid-19 virus has already served its purpose – to spread fear and paranoia in people. The attackers are using the opportunity to test out different ways of circumventing cyber security measures. First Published 23rd March 2020 Covid - the beautiful distraction. 4 mi …