Category: hacks

A security use case for ChatGPT: Email Scam Robo Judge

I have been noodling around with ChatGPT recently and have found a nice little use case that I hope someone with more coding skills and…

Continue Reading

Leaking company secrets via generative AIs like ChatGPT

For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable…

Continue Reading

Hunting for secrets on GitHub

We need to work with system designers and developers to make them understand that using a secure credential vault with programmatic access is not an optional luxury – it is a basic security requirement. Credentials do not belong in code, even if that code is stored in a safe inside a vault inside a volcano.

Continue Reading

LinkedIn and LOLBINs

Yet another example of how LinkedIn can be abused by the bad guys… a phishing campaign which used job titles scraped from user profiles to…

Continue Reading

It could happen to anyone…

The headline is eye catching: a data breach at a highly respected security training organization when an employee falls for a phishing email. It is…

Continue Reading

The elusive USB drive attack

Stories of hackers attacking companies by dropping malware infected USB flash drives in the firm’s parking lot are a standard infosec cautionary tale – don’t…

Continue Reading

Living off the land – EFS Ransomware

Attackers have responded to improved security against malware in Windows environments by “living off the land” (LOTL) – using the tools already present in the…

Continue Reading

Aging reports – new ammo for attackers

Another reminder that attackers are getting more sophisticated and taking the time to learn about their victims and their business processes before launching their phishing…

Continue Reading

Juice Jacking – meh!

Lately, I have been seeing a number of posts and articles warning us all not to use publicly available USB charging points due to the…

Continue Reading

Snail mail hacking

Some of the most effective hacks don’t require the attacker to touch your computer. This article from Flashpoint provides some insight into how criminals are…

Continue Reading