Category: hacks

Living off the land – EFS Ransomware

Attackers have responded to improved security against malware in Windows environments by “living off the land” (LOTL) – using the tools already present in the…

Continue Reading

Aging reports – new ammo for attackers

Another reminder that attackers are getting more sophisticated and taking the time to learn about their victims and their business processes before launching their phishing…

Continue Reading

Juice Jacking – meh!

Lately, I have been seeing a number of posts and articles warning us all not to use publicly available USB charging points due to the…

Continue Reading

Snail mail hacking

Some of the most effective hacks don’t require the attacker to touch your computer. This article from Flashpoint provides some insight into how criminals are…

Continue Reading

The NYPD (and the rest of us) need some new barricades

Not all security barricades are made of wood. Some are made of bits. According to the New York Post, the New York Police Department ran…

Continue Reading

Deepfakes – Welcome to the post truth society

I recently watched the New York Times’ Weekly episode “Deepfakes – Believe at Your Own Risk” and while I have been concerned about the implications…

Continue Reading

Orvis data leak and the need to monitor ‘paste’ sites

Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…

Continue Reading

Something about (Japanese) foxes and hen houses

Not strictly a security story, but interesting and alarming… Japanese authorities have decided that: It is permissible to make contributions to politicians using cryptocurrencies like…

Continue Reading

Attack on encrypted PDFs exfiltrates clear text data

Here’s a quite clever hack… German security researchers have found a way to exfiltrate the contents of encrypted PDF files without breaking their encryption. Because…

Continue Reading

An example of a clear and concise incident report

This incident report from the Australian National University is definitely worth a read, both as an interesting look into the mechanics of a systems compromise…

Continue Reading