Research / Infosec Culture (6)

Formalised Offensive Cyber Strategies

The US Department of Defense Cyber Strategy serves as DoD's next step toward re-engineering cyber operations to protect and defend its networks and systems. This is the first time the DoD has had a clear direction on how it will address its cyber needs. So tell me, where's your plan? …

Read Story

Audits, Attacks and False Positives

Audits, Attacks and False Positives

Recently, several security companies detected phishing pages using the name of a core DNC system. These pages attempted to trick users into providing their login credentials by spoofing the legitimate login page for a Democratic Congressional Campaign Committee (DCCC) application buil …

Read Story

The Difficulty of Profiling Hackers

The Difficulty of Profiling Hackers

The public image of any given group of people tends to be created by mass media. Whether it is a tribe of Amazonian warriors or a modern terrorist leader, mass culture will project its own image on them. Hackers are no different. First Published 20th August 2018 When kids get up to no …

Read Story

Ticketmaster Hack and Shifting the Blame

Ticketmaster UK has fallen victim to a security breach. The TLDR is pretty straightforward - but the detail is where things get interesting. Mainly because of how Ticketmaster is handling it, and how the banks and payment processors are reacting. First Published 29th June 2018 When yo …

Read Story

Smartlocks and the Challenges of Specialisation

Smartlocks and the Challenges of Specialisation

These smartlocks have stirred up much conversation in the security community. While some people are pretty happy with the implementation, others feel that they shouldn’t be depended on. First Published 22nd June 2018 The key to happiness is not in the lock. 4 min read | Reflare Resear …

Read Story

The European Commission's Exemption from GDPR

The European Commission's Exemption from GDPR

A week after the EU’s new General Data Protection Regulation (GDPR) went into force, the European Commission seems to have dumped over a million visitors’ personal data on Google – without being compliant with GDPR. First Published 15th June 2018 General Data Protection Regulations fo …

Read Story

The Challenges of Acquiring and Retaining Information Security Staff

Employers need to recognise that hiring people with a single skill set into an infosec role will only work for a short time frame before there is either burnout, or the person you hired realises that this job doesn’t match their interests and aspirations. First Published 1st June 2018 …

Read Story

US-CERT Releases Alert on Russian Activity

US-CERT Releases Alert on Russian Activity

A DHS and FBI joint technical alert describes cyber-enabled capabilities and actions related to the Russian Government compromising US-based networks and endpoints, as well as distributing malware, conducting spear phishing operations, and deploying network reconnaissance tools. First …

Read Story

10% of ICO Funding Stolen by Hackers

10% of ICO Funding Stolen by Hackers

The question of investor protection and the lack of a safety net for contributors was recently brought to light when hackers managed to steal more than 10% of the Ether created in a crowd sale. First Published 26th January 2018 Investment Banker? Hacker? When it comes to going public, …

Read Story

Uber - On Paying Ransoms

Third-party cloud-based services are like a box of chocolates - you often don't know what you’re going to get. They could work perfectly, but they could also put you in a very uncomfortable position. First Published 24th November 2017 Uber, showing its hand. 4 min read | Reflare Resea …

Read Story

Subscribe by email