Estimated difficulty: 💜💜💜🤍🤍 Oh no, it’s another one from the MOBster series coming to get you! Hide… Run… Read with intrigue! This post is covering, M2: Insecure Data Storage, the second listing from the OWASP Top 10 Mobile Risks list. The last post in the MOBster series covered M1: Improper Platform Usage. Insecure data storage …
Estimated difficulty: 💜🤍🤍🤍🤍 First thing’s first! Let’s talk definitions. So, what actually is risk management? To put it simply, it is the management of the risk within an organisation (doh!). The risk management process involves identifying security risks and creating and implementing plans to mitigate them. Defining Risk Risk is defined as a potential event …
Read more “Risky Business: A Down-Low on Risk Management Basics”
Estimated difficulty: 💜🤍🤍🤍🤍 This week is special, it’s the last post before Christmas and we might as well channel our inner Sophia and add in a little Christmas song to get us into the Christmas spirit. And since we are now feeling festive, let’s dive into Google Dorking, Christmas style! Google Dorking was my first …
Estimated difficulty: 💚💚💚 Hey Securiteenies! And welcome to another blog written just for you. Following on from Sarah’s “Castle on a Cloud” post about the basics of the internet – are you ready to learn a little bit about web hacking? First of all let’s recap… The Internet vs. the World Wide Web As Sarah …
Read more “Web(uilt) This City on Rock and Roll: An Intro to Web Hacking”
Estimated difficulty: 💜💜💜💜🤍
Happy Friday, everyone! This week, I’m introducing something I’ve been interested in for a while – chaos engineering. If you haven’t heard of chaos engineering before, don’t worry – a lot of people haven’t, and it’s still quite new as a discipline.
Estimated difficulty: 💚💚🤍 It’s a wonder what is up in those clouds, clouds can mean many different things in this day and age. Clouds live in the sky, there is something called cloud computing and more importantly, (for this article) clouds can represent the internet – especially in a network diagram! But what actually is …
Estimated difficulty: 💜🤍🤍🤍🤍 Happy Friday and happy (continued) cybersecurity awareness month! For those of you that don’t know, October is renowned for being cybersecurity awareness month – a month dedicated by security professionals to raise awareness in cybersecurity, specifically to the everyday user of technology that may not be security-savvy. Following on from Morgan’s last …
Read more “I Spy With My Little Eye: A Guide to Social Media OpSec”
Estimated difficulty: 💜🤍🤍🤍🤍
Welcome to Friday, and Cybersecurity Awareness Month. In October, security professionals spend the month raising awareness about cybersecurity and posting tips on social media about online safety.
Estimated difficulty: 💜💜💜💜🤍 Welcome back to the MOBster series! The last post I published, covered the different aspects of an APK file – otherwise known as an app. This post I want to take some of these principles a step further and look at the possible effects of a misconfigured app! Following the guidelines of …
Read more “What’s that coming over the hill? Is it a MOBster, is it a MOBster!?”
Estimated difficulty: 💜💜💜💜🤍 Recently I have been approached by many folks on how to get started with automotive hacking. After completing my dissertation in automotive hacking (and achieving a whopping 90% – yippee!) I decided to write this blog post as an introduction into the one of the many ways you can hack a car …
Read more “Hax and Furious: An Introduction to CAN Bus Hacking with ICSim”