Facebook's 'View As' Breach
by Reflare Research Team on Oct 1, 2018 3:26:00 PM
In extreme cases, an attacker could use this access to take over the accounts of the people they are spying on - read their private messages, post things on their behalf, and play havoc with their digital lives. First Published 1st October 2018 Access tokens - kinda important to get r …
Formalised Offensive Cyber Strategies
by Reflare Research Team on Sep 21, 2018 3:24:00 PM
The US Department of Defense Cyber Strategy serves as DoD's next step toward re-engineering cyber operations to protect and defend its networks and systems. This is the first time the DoD has had a clear direction on how it will address its cyber needs. So tell me, where's your plan? …
Old Attackers, New Targets - The British Airways Breach
by Reflare Research Team on Sep 14, 2018 3:22:00 PM
The site was extremely well designed and did not feel at all ‘spammy’ to use – indeed, on the surface it felt reassuringly professional, with a slick revolving banner of destinations. It just clearly wasn't British Airways. First Published 14th September 2018 The world's favourite air …
Attack Realities - Browser Plugins and Risk
by Reflare Research Team on Sep 7, 2018 3:20:00 PM
The MEGA Chrome extension for file hosting included JavaScript code designed to monitor web traffic in order to steal the user’s login credentials from a large selection of sites. First Published 7th September 2018 Guilty by extension. 3 min read | Reflare Research Team On September 4 …
Audits, Attacks and False Positives
by Reflare Research Team on Aug 24, 2018 3:16:00 PM
Recently, several security companies detected phishing pages using the name of a core DNC system. These pages attempted to trick users into providing their login credentials by spoofing the legitimate login page for a Democratic Congressional Campaign Committee (DCCC) application buil …
The Difficulty of Profiling Hackers
by Reflare Research Team on Aug 20, 2018 3:14:00 PM
The public image of any given group of people tends to be created by mass media. Whether it is a tribe of Amazonian warriors or a modern terrorist leader, mass culture will project its own image on them. Hackers are no different. First Published 20th August 2018 When kids get up to no …
Reddit's Hack & The Risks of Phone-Based 2-Factor Authentication
by Reflare Research Team on Aug 6, 2018 3:11:00 PM
While it is clear that the 2FA implementation was not at fault here, there are significant risks associated with phone based 2FA that warrant serious consideration before you make this type of authentication method available to users. First Published 6th August 2018 r/LetsHackReddit 4 …
Dealing with the Increasingly Severe Cyber-Threat Landscape
by Reflare Research Team on Jul 27, 2018 3:08:00 PM
The severity of cyber attacks has increased at a rapid pace over the past several years. No longer is it just large companies that need to secure themselves from malicious actors; individual users now must consider how they can protect themselves too. First Published 27th July 2018 Th …
How Attacks are Escalated
by Reflare Research Team on Jul 20, 2018 3:06:00 PM
An attack takes place and either succeeds or fails. The reality however is more complicated. Attackers are often able to initially gain a minor foothold in the target and then over time leverage it into a more devastating attack. First Published 20th July 2018 Вверх, вверх, вверх! 3 m …
An Update to the Ticketmaster Breach
by Reflare Research Team on Jul 13, 2018 3:04:00 PM
The malicious script was inserted into the Ticketmaster website via a third-party chat widget called Chatters City created by software developer Inbenta Technologies. First Published 13th July 2018 "Buy the ticket. Take the ride." - Hunter S. Thompson. 4 min read | Reflare Research Te …