Education

Am I a criminal or am I a cybersecurity…

Whilst the common person will largely link the words “hacker/hackers” to criminal the reality is hackers are scientists/artists/creators/ComputerOperators and the choice of being a criminal or not is down to actions and consequences. So the debate about if you identify as “hacker” does that make you a criminal, well it’s nonsense isn’t it. I could call myself a pony but it won’t make me one, much like I could call myself a criminal and I could be entirely law abiding.

Read more “Am I a criminal or am I a cybersecurity crime fighter?”
Education

Is my house spying on me?

Do you ever get the feeing you are being watched? What about listening to it? Do you ever talk about a subject and then see it appear in adverts despite never using a computer to search for it?

Well don’t worry there’s lots of reasons as to why this can occur, and whilst you might want to think someone is spying on you, the truth is they probably aren’t looking for you, but they might be harvesting your data.

Read more “Is my house spying on me?”
IOT

IoT Security

The digital explosion, the consumerization of technology and the world of internet connected fridges leads to a range of security and privacy risks.

There’s lots of work that’s occurred in this space, for example there is the : Code of Practice for Consumer IoT Security

Read more “IoT Security”
Threat Intel

Active Cybercrime Groups

Ransomware this, ransomware that! The problem is, you can be tired of the subject but that doesn’t mean the threat has gone away! So what are the currently active ransomware groups posting victims?

Well here’s a list of currently active group (Both Ransomware and Marketplaces) names who have ONLINE “DARK WEB” (TOR) hidden services online and who are posting victims or are markets:

Read more “Active Cybercrime Groups”
Education

How would I apply to the role of “Head…

I was pottering about (not like a wizard, more like a cold infected zombie!) and an email hit my mailbox with the “Head of Cyber Architecture” at BA. I have no intention of applying but I thought.. I wonder if this is a good exercise to show people how I would go about the exercise? Well to even begin this I need to write down some notes. So I guess here we go… how far I get into this “fantast football” style scenario who knows, but hopefully it will show some people how I might do things! First up let’s look at the raw requirement:

Read more “How would I apply to the role of “Head of Cyber Architecture””
Threat Intel

ESXiargs Summary 09-02-2023 10:03

What do we know?

Adversary: Unknown, likely Criminal Actor/s

Initial Access Vector: Unknown/Unproven

Impact: ~3K+ Hosts have had Remote Code Execute and their ESXi logon pages changed (plus had encryption routines run to encrypt virtual machines, with varying success). A Second encryption routine has been deployed to some hosts; the threat actor is expanding/changing capabilities.

Risk: Further impact, Additional Threat Actors Exploit the vulnerability

Read more “ESXiargs Summary 09-02-2023 10:03”
Guides

Ransomware + Mega = Mega Cyber Pain

Did you ever read about ransomware actors? They often use mega upload to exfiltrate data! So I figured, why would we not detect this with MDE?

I mean sure we should probably block this with a custom indicator using Web Content Filtering and sure it would probably get blocked by Protective DNS but let’s say for whatever reason you don’t have those in place, let’s look at a really simple query to find mega connections in MDE:

Read more “Ransomware + Mega = Mega Cyber Pain”
Copyright (c) Xservus Limited