Research / Infosec Culture (4)

How to Ask for Honest User Feedback on Your IT Security Training Program

How to Ask for Honest User Feedback on Your IT Security Training Program

Both tech and non-tech staff understand how important IT security is, and they will happily tell you what they think of your training initiatives if you ask them. Are you ready to hear it? And even if you are, what are you going to do next?

Read Story

The Changing Image of Cyber Warfare

The evolution of cyber attacks has raised the profile of cyber warfare. For example, one cyber attack against state-owned Saudi Aramco almost destroyed the company’s entire computer system. The attack was rated as being capable of causing $150 billion in damage, which would rank it eq …

Read Story

Pegasus and the Digital Arms Trade

Pegasus and the Digital Arms Trade

A high-profile divorce case has shown that the elite can indeed deploy government-level espionage spyware tools for their own personal use, and it's more common than you think. So, how did we get here?

Read Story

Electoral Interference, Restrictions and Anonymity

Electoral Interference, Restrictions and Anonymity

The lack of international consensus on what exactly the Restrictive Internet Censorship and Freedom of Information laws should not have created a high-stakes game of political 'cat and mouse'. First Published 19th October 2016 Someone might be without their 'How to Frontside Smith Gri …

Read Story

Mobile App Hype and Criminal Activity

Mobile App Hype and Criminal Activity

While Pokemon Go promised to bring in more players, hackers counted on the excitement generated by the launch to spread malware among users until the location services were fully available worldwide. First Published 13th July 2016 | Latest Refresh 13th September 2021 I choose you, vag …

Read Story

A Post-Hack Crisis, Escalation of Rhetoric and Where to Place Blame

A Post-Hack Crisis, The Escalation of Rhetoric and Where to Place Blame

Widespread accusations towards the Russian government services and the apparent lack of a “smoking gun” after the 2016 US election raises the question of whether the United States brought on a second post-hack crisis of their own creation.

Read Story

When Securing Your Company Data, Please Remember the Promiscuous

Please Remember the Horny Men of 2015

Security is never stagnant. At best, it’s a game of cat and mouse where you try to outsmart the other party — with new security threats arising when you least expect them. However, there are some valuable lessons from the past that many have yet to learn.

Read Story

Government Eavesdropping and Onsite Backdoors

Peek-a-boo!

In the name of ‘national security’, there continues to be repeated calls for tech organisations to build backdoors into their systems to enable government access. The overarching concern is that corporations use of backdoors will undermine and weaken encryption methods, and there are …

Read Story

Vault 7 - Why Professional Attackers Are Not Good Defenders

The skillset required to be good at offence is entirely different from the skillset required to be good at defence – in large part because the offence is focused on executing a single attack (i.e., compromising a system), while the defence is focused on preventing all attacks (i.e., d …

Read Story

I'm Afraid You Have 'State Actor'

When it comes to cyberattacks, the threat of a nation-state adversary infiltrating your network is among the most serious threats you can face. But just how frequently does this actually happen? First Published 17th January 2020 Just because you feel it doesn't mean they are there. 4 …

Read Story

Subscribe by email