CYBERSEC Weaponizing CoAP For DDoS Attacks In his latest article Security Researcher Francseco Cipollone covers a little history of DoS and DDoS attacks and explains how the IoT CoAP protocol can be weaponized for DDoS attacks.
CYBERSEC JetBlue Vulnerability - How Not To CISO In this article security researchers Dylan English and Benjamin Scotsman reveal a vulnerability at a major US airline and castigate their airlines CISO.
TECHNICAL How To Upload Any File To Amazon's Free Unlimited Photo Storage Space Have you ever wondered how to use Amazon Photos unlimited space for your own personal files? Wonder no longer, Alessandro Innocenzi has it all figured out and Amazon says it's fine.
TECHNICAL Metasploit Community CTF 2018 "Remembering Aaron Swartz" came second at this year's metasploit CTF. Most of us played for the first time and it was a unique experience.
TECHNICAL Access Control - Cloud vs Traditional (Part 2) The second in a series of articles from Security Chief Francesco Cipollone of NSC42 that deep dives into the subject of access control, authentication and compliance.
INFOSEC A Short History Of Internet Access & Internet Service Providers (ISP's) Many of us remember the days before the internet, even if it now seems like a distant and forgotten dream. Learn about the history of the internet and the ISP market in this short history.
CYBERSEC Black Hat 2018: USA Report An overview over the world's leading Las Vegas information security event in its 21st year given by Francesco Cipollone with his personal impressions and thoughts.
INFOSEC Make Hacking Great Again Stop gate keeping, start helping each other for good! Charles Shirer with an important piece on the current state of the hacking community and how we can improve it.
CYBERSEC Artificial Intelligence & OSINT : Part 1 In this article from Nidal Morrison we take a closer look at how AI can be leveraged in OSINT as a way of reducing workflows and speeding up detections in investigations.
INFOSEC Hack-The-Box Starter Pack Have you been marveling at those hacky hack people chiseling away at HTB challenges and wondered if you can hack the box too? Step right up!
CYBERSEC Dumping On Dummies Join security researcher Keiose in her exploration into the notion that there is insufficient testing in kinetic based weapons systems across the US military.
TECHNICAL Access Control : Cloud vs Tradition A closer look at access control systems and the difference between cloud bases access controls and the more traditional on-prem versions.
CYBERSEC Predicting 2018's Bah Humbug Christmas infosec predictions, the hopelessly generic forecasts, the bland Christmas-themed attacks and outdated predictions recycled from three Christmases ago.
TECHNICAL My Journey To The Google Hall Of Fame This is the story of the how Abartan Dhakal managed to get into the Google Hall of Fame, along a path strewn with failure and invalid vulnerabilities.
CYBERSEC Social Engineering 0x01 ~ An Introduction to Hacking People The most vulnerable thing about your workplace is the people in it. We, as humans, do not have things like security hot-fixes or patches, yet we have some of the biggest flaws ever seen.
INFOSEC How Not to CISO - Tools Before Capabilities Tools are stepping stones in maturity and capability within an organization. In this article we take a look at how not to approach investing in infosec tools.
CYBERSEC How To Handle A Data Breach Crisis ‘Crisis’ is not a word that sensible people like and is best avoided altogether. Let's imagine that a cybersecurity crisis ambushes you when you least expect it.
CYBERSEC Secure Password Handling in Depth Infosec never gets bored of talking about passwords. In this article we deep dive into the consensus around web application password handling.
TECHNICAL Using Serverless Frameworks - Part 1 Serverless has become a movement in application development because it allows developers to focus on code and leave infrastructure to the providers.
CYBERSEC Getting Started With Objection + Frida How to get started assessing iOS apps on a nailed device using Objection. which enables us to assess an iOS app in an environment using Frida.
CYBERSEC Quantum Computing 101 - Part One Quantum Physics studies the behavior of matter & energy at the molecular, atomic & nuclear levels and it will have a huge impact on secure computing.
TECHNICAL False Flags In Threat Attribution The entire concept of threat attribution is tremendously flawed argues security researcher Matt Telfer. In this article we take a closer look at false flags.
INFOSEC The Browser Is A Bitch We love browsers, they are our window to the world, we love browsers so much that we have fought wars over them, but sadly the browser is not your friend.
INFOSEC Lets Talk About Ciphers Ciphers have been used since ancient times for sending encrypted messages which could not be read if they were intercepted by a third party.
TECHNICAL Flaring The Blue Team - When You Confuse Them You Lose Them In this article, we take a closer look at a flaring script for report-uri, one that we will use to confuse and distract the blue team by sending them random false positives. #flaring
