We’re giving away 100 REX licences… It’s dino-mite!

We’re giving away 100 REX licences… It’s dino-mite! We’ve had some exciting news! We found out a few weeks ago that Innovate UK want to help us fund the development of one of our security tools, REX. What is REX? REX is a vulnerability scanner, it’s designed specifically for developers and software testers to help them test the security of android applications. With REX, you can scan you Android apps as they’re being developed to detect security weaknesses early and often. This is a different approach to traditional “penetration testing” […]

Covid or Covert?

Since the government announced earlier this week that the COVID-19 Contact Tracing application is to be trialled in the Isle of Wight, there has been a lot of mixed messages and FUD (Fear Uncertainty and Doubt) on both mainstream and social media. Whilst we’re waiting for the app to be released so we can start analysis, we can review the white paper released by NCSC to understand how the application should work and what kind of privacy and security concerns may exist. Of course, this analysis is based solely on […]

When Phishing goes Viral

How attackers are using social media to create COVID-19 specific phishing campaigns. The coronavirus, or COVID-19, has affected the lives of millions of people and businesses around the globe. Changes in behaviors resulting from the changes we have had to make to live and operate have opened up new attack vectors for attackers. Change brings innovation, but also risk. By raising awareness we can find the right balance of safety and usability.   In this blog, I’ll   address some of the most common security threats facing people during lockdown.  […]

The Danger of Migrating from an International to a National Domain

Every day, more companies are joining the sanctions club by restricting access to their services and products to end-users in Iran. These sanctions were supposed to target the government of Iran but day after day it’s turned into a direct weapon against Iranian citizens who, uninvolved in politics, are being punished because of their nationality. In the latest movement, US sanction hit the Iranian regime’s tech and media industry on January 25th 2020. Fars News Agency’s website, the state-run propaganda machine of the Revolutionary Guard, has been officially prevented from […]

A brief history of password cracking

Something that gets talked about a lot on the internet is password security and password hygiene. Everyone has heard that it’s best practice to use long passwords that are unique and complex, but I want to write a short post about why those things are important, how passwords are stored by websites, and what that means for you. The first thing to mention is USE PASSWORD MANAGERS. It’s the most important thing for keeping your accounts secure! If you don’t know what they are, it’s software that helps you generate […]

Red vs Blue – A write-up of our SkillSec workshop

I often feel that blue teaming doesn’t always get the love it deserves, so we decided that this months SkillSec would be about Red vs Blue. For those that may not be familiar with these terms, Red is the “offensive” side of security (think “attack simulation”) and blue is about defending i.e. detecting and stopping the attackers. As is often said, blue can be more challenging as you have to defend every weakness whereas with Red, you only have to find one weakness. Both are important to consider. Whilst Digital […]

Securing the Mainframe

Security consultants tend to specialise fairly early in their careers, and one of the areas I chose to specialise in, and something that Digital Interruption offers our clients, is mainframe security assessments. For many of us, unless you’re over a certain age, or have a strange fixation on weird machines, you’ll likely have never interacted with a mainframe before. There are a few popular (and contradictory) myths in the infosec community about mainframes: They’re legacy They’re the same as supercomputers Nothing a cluster of cloud computers can’t beat Nobody uses […]

TEMPEST in Action

Digital Interruption is lucky enough to have a penetration testing team which consists of experienced hackers and penetration testers. This means we often have the pleasure of experimenting with attacks and demonstrating weaknesses that might otherwise only be seen as theoretical attacks. One great example of this is TEMPEST – also known as Van Eck Phreaking. In this blog post, we’ll see TEMPEST in action and try and help you understand whether this is an attack you should worry about. What is TEMPEST? First, some background. TEMPEST is an attack […]

Post Exploitation on Linux – Release the Orc

This blog is an extension of my Arcane Arts of Linux talk at Steelcon 2018, as well as a quick discussion about a post exploitation tool I’ve been writing and playing with for the last few months, called Orc. Part of the inspiration for this post is that over recent years, there’s been a lot of conversation about red-team techniques for Windows, significant tool development and tool evolution, and generally quite a lot of progress. Linux, on the other hand, doesn’t receive nearly as much attention. There are a lot […]

Skimmers and Magecart Attacks

Magecart attacks have taken up a considerable portion of the news cycle over the past year where card data has been harvested from notable enterprises like British Airways, Newegg and Ticketmaster. While the mainstream news has moved on and become silent due to current targets not being quite as significant as BA, the attackers are still operating. In this blog post, we want to talk about a couple of mechanisms you should be using to reduce your attack surface and keep your customers safe A little background is always good: […]