Research

Securus, Tracking and Why Information Companies Don't Necessarily Understand Information Security

Securus, Tracking and Why Information Companies Don't Necessarily Understand Information Security

Suppose a company hired to focus on monitoring calls from inmates (and only inmates) is selling the location data of regular citizens to law enforcement as well. Doesn't this company seem like the last place you'd trust your personal or business security? First Published 18th May 2018 …

Read Story

Voice Assistants Re-Heating Old Security Issues

Security concerns for voice assistants have long existed (when was the last time you watched an AI movie and thought “oh, I’ve got nothing to worry about here”). However, as voice assistants become more prevalent in our world, we should be ready for the scale of security challenges th …

Read Story

Hacked Hotel Keys - Current and Historical

In a hotel room, the door lock forms the last line of defence against unauthorised access to a guest’s belongings. However, the F-Secure story of the “Hacked Hotel Keys” is way more complex and interesting. First Published 27th April 2018 I've got the key. I've got the secret. 4 min r …

Read Story

Russia, Telegram and the Trouble with Censoring the Internet

Russia, Telegram and the Trouble with Censoring the Internet

If you ask two web security experts how to block content on the Internet, you will get three opinions: One of them will recommend Whitelisting, another Blacklisting. The best practice is generally a combination of both, but does it actually work? First Published 20th April 2018 Knowle …

Read Story

A Look at the Vevo Hack

A Look at the Vevo Hack

Unidentified attackers appear to have gained access to an account used to manage Vevo YouTube channels. However, it is reasonable to assert that the attackers weren't prepared for their attack to succeed in the first place. First Published 13th April 2018 Sympathy for the record indus …

Read Story

Delta, Sears and 3rd Party Risks

Delta, Sears and 3rd Party Risks

The attack allowed hackers to access thousands of customer support chat transcripts, internal documents and support system configuration files, as well as logs of their external communications. First Published 6th April 2018 "All your data are belong to us." 4 min read | Reflare Resea …

Read Story

MyFitnessPal & The Value of Health Data

MyFitnessPal & The Value of Health Data

MyFitnessPal experienced a significant data breach putting the account information of 150 million users at risk. Although not as sexy as some targets, MyFitnessPal is one of the world's largest health databases, which raises questions about the value of our biodata. First Published 30 …

Read Story

On the Grey Zones of Privacy

On the Grey Zones of Privacy

Facebook apps operate on the principle that you explicitly agree to each access requested. The app requests certain permissions, and you then consent to the information exchange. But what happens when consent reaches into the details of your contacts? First Published 23rd March 2018 E …

Read Story

US-CERT Releases Alert on Russian Activity

US-CERT Releases Alert on Russian Activity

A DHS and FBI joint technical alert describes cyber-enabled capabilities and actions related to the Russian Government compromising US-based networks and endpoints, as well as distributing malware, conducting spear phishing operations, and deploying network reconnaissance tools. First …

Read Story

How Small Issues Escalate - An Update on the German Governmental Hack

How Small Issues Escalate - An Update on the German Governmental Hack

A cached version of the installation of the ILIAS e-learning system might have allowed hackers access to sensitive information and allowed them to impersonate staff members and perform actions on their behalf. First Published 9th March 2018 From little things, big things wachsen. 4 mi …

Read Story

Subscribe by email