Post Exploitation on Linux – Release the Orc

This blog is an extension of my Arcane Arts of Linux talk at Steelcon 2018, as well as a quick discussion about a post exploitation tool I’ve been writing and playing with for the last few months, called Orc. Part of the inspiration for this post is that over recent years, there’s been a lot of conversation about red-team techniques for Windows, significant tool development and tool evolution, and generally quite a lot of progress. Linux, on the other hand, doesn’t receive nearly as much attention. There are a lot […]

Skimmers and Magecart Attacks

Magecart attacks have taken up a considerable portion of the news cycle over the past year, with card data harvested from notable enterprises like British Airways, Newegg and Ticketmaster. While the mainstream news has moved on and gone quiet because current targets are not quite as significant as BA, the attackers are still operating. In this blog post, we want to talk about a couple of mechanisms you should be using to reduce your attack surface and keep your customers safe. A little background is always good: […]

Introducing Ali

I’m excited to join the growing Digital Interruption team as Head of Defensive Security! Part of what drew me to DI is the promise of doing security differently – from the transparent, clear pricing model to the focus on continuous security, baking it into the SDLC, supported by policy guidance. My background is very much the attacking side of security – I’ve spoken at multiple conferences about tool development and finding vulnerabilities in obscure systems. When it comes to a legacy mainframe, an unusual embedded device, or really anything that […]