Leadership

The cost of resetting a password

If someone asked you how much the cost of a task is, I bet you would struggle to given them an accurate response, the default position of most people is to underestimate a cost of doing something (but estimation science show’s us that it tends to vary based on role e.g. project managers are risk averse, engineers think they can solve things faster than they can and executives often just want it to be cheaper for the sake of it being cheaper – Parkinsons Squeeze I think that is called)

Years ago I stared looking at total cost of ownership (TCO) and Return on Investment modelling (I mean a lot of years ago….) and I’ve created a range of models for organisations for:

  • Sales Estimation
  • Business Cases
  • Budget Planning
  • Project Planning
  • System Optimisation Analysis
Read more “The cost of resetting a password”
Threat Intel

Fortiweb – CVE-2025-58034

‘CVE-2025-58034 is an OS command injection vulnerability (CWE-78) in Fortinet FortiWeb, allowing an authenticated attacker to execute unauthorized code on the system through crafted HTTP requests or CLI commands. It affects versions including FortiWeb 8.0.0-8.0.1, 7.6.0-7.6.5, 7.4.0-7.4.10, 7.2.0-7.2.11, and 7.0.0-7.0.11. The vulnerability has a CVSSv3 score of 6.7 (medium severity) and has been observed exploited in the wild, prompting its addition to CISA’s Known Exploited Vulnerabilities catalog.’

Read more “Fortiweb – CVE-2025-58034”
AI

Can AI replace intelligence analysts?

Ok, it’s late, and well I wanted to look into cyber attacks where social engineering is a key component combined with technical hacking skills.

There’s been a growing number of these style events, so I tasked GROK to create an assessment for me, let’s see how it did! Let’s both try and answer the questions:

Can GROK replace intelligence officers and can GROK help us defend better against social engineering + technical attacks? What do you think? (please take all of this with a pinch of salt… LLMs are known to make mistakes/hallucinate/lie in a very convincing manner)….

they look nice…. but looks can as we know, be deceiving! (is the entire blog just a social engineering experiment by me?)

Read more “Can AI replace intelligence analysts?”
Education

Learn to SOC: Cryptominer Analysis

I’m totally in the middle of doing some work but this alert just came in so I have quickly dumped the data:

This came in via a Confluence exploit (not sure which CVE yet). I’ve not got time to analyse but thought I’d share this as an educational excercise for people! It’s a good excercise to see the apache tomcat logs and then decode, obtain samples and analyse the activity/imapct (as well as yoink IOCs etc.)

Read more “Learn to SOC: Cryptominer Analysis”
Copyright (c) Xservus Limited