Creating a CTF

By Paul Williams Introduction I designed an Augmented Reality (AR) CTF for an event for Leigh Hackspace CIC initially aimed at children, but open on the day to people of all ages. The CTF comprised of a web application as well as physical component. The code for the web application is located on GitHub at the following URL https://github.com/leigh-hackspace/spooky_hunt. When designing a CTF, several considerations must be made, such as technical capabilities of the target audience, and the difficulty of which flags (ghosts) can be obtained. The objective of the […]

The Danger of Migrating from an International to a National Domain

Every day, more companies are joining the sanctions club by restricting access to their services and products to end-users in Iran. These sanctions were supposed to target the government of Iran but day after day it’s turned into a direct weapon against Iranian citizens who, uninvolved in politics, are being punished because of their nationality. In the latest movement, US sanction hit the Iranian regime’s tech and media industry on January 25th 2020. Fars News Agency’s website, the state-run propaganda machine of the Revolutionary Guard, has been officially prevented from […]

A brief history of password cracking

Something that gets talked about a lot on the internet is password security and password hygiene. Everyone has heard that it’s best practice to use long passwords that are unique and complex, but I want to write a short post about why those things are important, how passwords are stored by websites, and what that means for you. The first thing to mention is USE PASSWORD MANAGERS. It’s the most important thing for keeping your accounts secure! If you don’t know what they are, it’s software that helps you generate […]

Red vs Blue – A write-up of our SkillSec workshop

I often feel that blue teaming doesn’t always get the love it deserves, so we decided that this months SkillSec would be about Red vs Blue. For those that may not be familiar with these terms, Red is the “offensive” side of security (think “attack simulation”) and blue is about defending i.e. detecting and stopping the attackers. As is often said, blue can be more challenging as you have to defend every weakness whereas with Red, you only have to find one weakness. Both are important to consider. Whilst Digital […]

Securing the Mainframe

Security consultants tend to specialise fairly early in their careers, and one of the areas I chose to specialise in, and something that Digital Interruption offers our clients, is mainframe security assessments. For many of us, unless you’re over a certain age, or have a strange fixation on weird machines, you’ll likely have never interacted with a mainframe before. There are a few popular (and contradictory) myths in the infosec community about mainframes: They’re legacy They’re the same as supercomputers Nothing a cluster of cloud computers can’t beat Nobody uses […]

TEMPEST in Action

Digital Interruption is lucky enough to have a penetration testing team which consists of experienced hackers and penetration testers. This means we often have the pleasure of experimenting with attacks and demonstrating weaknesses that might otherwise only be seen as theoretical attacks. One great example of this is TEMPEST – also known as Van Eck Phreaking. In this blog post, we’ll see TEMPEST in action and try and help you understand whether this is an attack you should worry about. What is TEMPEST? First, some background. TEMPEST is an attack […]

Post Exploitation on Linux – Release the Orc

This blog is an extension of my Arcane Arts of Linux talk at Steelcon 2018, as well as a quick discussion about a post exploitation tool I’ve been writing and playing with for the last few months, called Orc. Part of the inspiration for this post is that over recent years, there’s been a lot of conversation about red-team techniques for Windows, significant tool development and tool evolution, and generally quite a lot of progress. Linux, on the other hand, doesn’t receive nearly as much attention. There are a lot […]

Skimmers and Magecart Attacks

Magecart attacks have taken up a considerable portion of the news cycle over the past year where card data has been harvested from notable enterprises like British Airways, Newegg and Ticketmaster. While the mainstream news has moved on and become silent due to current targets not being quite as significant as BA, the attackers are still operating. In this blog post, we want to talk about a couple of mechanisms you should be using to reduce your attack surface and keep your customers safe A little background is always good: […]

Introducing Ali

I’m excited to join the growing Digital Interruption team as Head of Defensive Security! Part of what drew me to DI is the promise of doing security differently – from the transparent, clear pricing model to the focus on continuous security, baking it into the SDLC, supported by policy guidance. My background is very much the attacking side of security – I’ve spoken at multiple conferences about tool development and finding vulnerabilities in obscure systems. When it comes to a legacy mainframe, an unusual embedded device, or really anything that […]

Mental Health in Tech – be part of the solution, not part of the problem

By Saskia This week I gave the introductory talk at the Techs and the City event about mental health. I have a lot of experience in this area and have deep concerns about how mental health is handled, both generally in the tech industry, but specifically in cybersecurity. The reception to all the talks was amazing, I was asked to turn mine into a blog post. This is the post. This is not just my experience but a call to action, so if you have the time please read to […]