The Evolving Arms Race of IT Security Countermeasures
by Reflare Research Team on Mar 3, 2023 5:25:00 PM
The attack technique appears to circumvent so-called ASLR protection mechanisms by triaging the exact memory location of a running process from differences in function response times.
How to Define the Right Cyber Security Training Objectives and Outcomes
by Reflare Research Team on Feb 19, 2023 6:51:00 PM
Identifying the right talent development areas for your organisation's infosec needs is all about asking the right questions... and listening carefully to the answers.
Do Not Fear The AI - Embrace It
by Reflare Research Team on Feb 3, 2023 7:52:00 PM
As it stands, AI cannot completely replace a competent cybersecurity professional. However, AI can play a positive (yet limited) role in improving our effectiveness, regardless of how society is starting to believe the ultimate disruptor has arrived.
Hard to Verify Claims of Hacking Go Both Ways
by Reflare Research Team on Feb 1, 2023 6:26:00 PM
Cyber espionage tends to morph into an issue of national pride. Anyone in the cyber security sector will tell you that there are a lot of attacks out there which go unreported for fear of receiving reputational retaliation by issuing unprovable blame. First Published 10th March 2020 | …
Ships, Update Cycles, and the Reliance on Guidance Systems
by Reflare Research Team on Jan 29, 2023 2:54:00 PM
Multiple parties are looking into ways of disrupting GPS, and especially GPS-related systems. However, this attack is notable because it demonstrates how cyber attacks can leverage wireless communication systems that were not designed with security in mind. First Published 8th June 20 …
How to Review and Improve Your Cybersecurity Training Processes
by Reflare Research Team on Jan 17, 2023 7:11:00 PM
Continuously improving your IT security training program is a very noble cause. However, most training leaders do not have sufficient processes in place (beyond what's in their own heads) to drive meaningful and coherent change.
Attacks Against Infrastructure & Mortal Consequences
by Reflare Research Team on Jan 15, 2023 6:45:00 PM
The world is heading towards a dangerous crossroads in cyber security. A future in which, more and more, critical physical systems - whether machinery or utilities - have a direct impact on human life. First Published 1st March 2021 | Latest Refresh 15th January 2023 It seems hackers …
Why TPPs Matter and Attributions Do Not
by Reflare Research Team on Jan 12, 2023 7:13:00 PM
Attribution is hard, and even when done successfully, it's often wrong. Instead, understanding the tactics, techniques, and procedures (TTPs) of threat actors can help you look for indicators of compromise, and help you prepare for future attacks.
The Pros and Cons of Password Managers
by Reflare Research Team on Jan 10, 2023 7:50:00 PM
Some people feel uncomfortable with the idea of entrusting all their passwords to a third-party software program. Simultaneously, others feel the convenience of generating, storing, and encrypting strong passwords, reduces the risk of their credentials being stolen. But regardless of …
The Leyman's Guide to Fuzzing
by Reflare Research Team on Dec 1, 2022 7:48:00 PM
Fuzzing can (among other things) be used to expose software bugs, test browser security, and perform static program analysis. However, as the types of fuzzers continue to expand, so do their use cases.