Recent Blog Posts
-
Ransomware 3.0: The Evolution of a Digital Plague
Ransomware isn’t going anywhere. In fact, it’s only getting worse. Cybercriminals are finding new, creative ways to exploit vulnerabilities, make money, steal data, and terrorize people, businesses and municipalities alike. During a talk I attended today hosted by Dan Lohrmann (Presidio) and Earl Duby (Auxiom), a panel of cybersecurity heavyweights comprised of guest speakers Allan…
-
Let’s Talk About Mozilla
TL;DR: If you’re one of those people who only reads the title and bylines before bouncing off – don’t waste your time, here’s a quick fix: Ditch Firefox, install LibreWolf. It’s an open-source fork of Firefox that comes pre-hardened for privacy without all the bloat of the original browser. No more fiddling with settings to…
-
Write-Up: Setting Up a Dark Web Research Environment
This guide is your blueprint for setting up a hardened, secure environment for deep/dark web research. The basic setup should cover most operating systems, while the deep dive will go over Arch Linux specifically. I won’t be holding your hand through technical terms. If you’re unfamiliar with the concepts and underlying tech discussed here, you…
-
The Honey Trap: A Scandal in the World of Browser Extensions
Honey, the free browser extension once hailed as the saviour of online shoppers, has been exposed as a scam, and the extent of its deception has sent shockwaves throughout the digital landscape. Promising to find the best coupon codes and save users money, Honey managed to become a household name, endorsed by influencers like MrBeast,…
-
Operation Trojan Shield: The FBI’s Legal Tightrope in Privacy Invasion
Operation Trojan Shield – a name that has now become synonymous with the largest global sting operation in history. Orchestrated by the FBI in collaboration with the Australian Federal Police (AFP) and other international law enforcement agencies, this operation unfolded as a masterstroke of deceit and surveillance. On its surface, Trojan Shield is hailed as…
-
The Case Against ‘Responsible Disclosure’
The debate over vulnerability disclosure is as significant as it is contentious. ‘Responsible disclosure’, a term coined by software vendors many decades ago, advocates that security researchers privately report vulnerabilities to the affected vendor, allowing the company time to fix the issue before making it public. On the surface this approach seems reasonable – it…
-
Analyzing the CrowdStrike Outage: What Went Wrong, Why It Happened, and What We Can Learn
The recent CrowdStrike outage has sent shockwaves through the global IT landscape, leading many to consider it one of the biggest failures in tech history. Affecting over 8 million machines globally, including critical systems in airports, hospitals, banks, the sheer scale and impact of this outage is staggering. But what really happened? Who’s to blame?…
-
Red Teaming Dissertation: A Comprehensive Handbook and Framework
Current research in red teaming primarily focuses on practical methodologies, as well as exploring the integration of red teaming with broader cybersecurity strategies. While existing literature provides valuable insights into various aspects of red teaming, there is a gap in the availability of comprehensive guides and frameworks for conducting successful red teaming engagements. This gap…
-
Cybersec Europe 2024
https://www.cyberseceurope.com Cybersec Europe 2024 was a major cybersecurity event held in Brussels Belgium on May 29th and 30th, 2024. The event was a platform for cybersecurity professionals to exchange information, foster collaboration, and address the growing challenges of cyber threats. The event is focused on fostering innovation in the field of cybersecurity. It’s meant for…
-
Digital Forensics with i-Force
https://i-force.be Recently, I had the opportunity to attend a highly informative digital forensics talk hosted by i-FORCE. The event featured insights from Pieter Van der Hulst and Tjebbe Van Quickenborne, both experts in the field of IT security, investigations, and incident response. This blog post is a detailed overview of the key takeaways from the…