Security Research

Show
How Cybercriminals are using Blockchain DNS: From the Market to the Bazar
June 12, 2018

Since the takedowns of AlphaBay and Hansa in 2017, the cybercriminal community has been incorporating alternative technologies to improve both …

read more

Market.ms: Heir to the AlphaBay and Hansa throne?

June 4, 2018

It’s almost one year since the AlphaBay and Hansa dark web marketplace takedowns, also known as Operation Bayonet. Looking back, …

read more

Keys to the Kingdom: Exposed Security Assessments

April 24, 2018

Organizations employ external consultants and suppliers to perform assessments and penetration tests that help to bolster their overall internal security. …

read more

Trust vs Access: A Tale of Two Vulnerability Classes

October 20, 2017

It’s been a big week in cyberspace, with high profile crypto vulnerabilities KRACK (affecting WPA2) and ROCA (affecting RSA keys generated by Infineon hardware) …

read more

Key Reinstallation Attacks (KRACK): The Impact So Far

October 16, 2017

Today, a series of high-severity vulnerabilities affecting the WiFi Protected Access II (WPA2) protocol were disclosed. Security researchers have developed …

read more

Keep Your Eyes on the Prize: Attack Vectors are Important But Don’t Ignore Attacker Goals

June 23, 2017

Reporting on intrusions or attacks often dwells on the method that the attackers used to breach the defenses of a …

read more

All You Can Delete MongoDB Buffet

January 12, 2017

A number of extortion actors were detected accessing unauthenticated MongoDB installations and replacing their contents with a ransom note, usually …

read more

A Model of Success: Anticipating Your Attackers’ Moves

December 1, 2016

In a previous blog, we discussed the role of planning in offensive operations and the power that effective planning affords …

read more

Plumbing the Depths: the Telnet protocol

October 3, 2016

On October 1, 2016 Krebs on Security reported that the source code for the Internet of Things (IoT) botnet malware …

read more

Overexposure – photos as the missing link

August 3, 2016

You have heard it all before ­– recycling passwords for multiple services can be catastrophic. One service being breached and …

read more

Recycling, bad for your environment!

June 27, 2016

The news is constantly flooded with yet another breach of a high profile vendor. Perhaps the biggest and most publicized …

read more