Entries by admin

APT10 Breach Managed Service Providers

An alleged Chinese APT (Advanced Persistent Threat) is known by the name APT10. This group is also known as: Red Apollo by PwC UK, CVNX by BAE Systems, Stone Panda by CrowdStrike, POTASSIUM by Microsoft, and menuPass Team by Trend Micro. The group behind the attacks has targeted Canada, Brazil, France, Norway, Finland, Switzerland, South Africa, […]

RDP – ‘Really Do Patch’

With the release of security notice CVE-2019-0708 on the 14th of May 2019, there was a sudden increase in port 3389 scanning on our external honeypot, as can be seen from the image below. So far I have seen that there are more than 1 million IP addresses exposed to the Internet that are vulnerable to […]

Dunning-Kruger Effect in the Workplace

Information Security, IT Auditing, IT Risk Management, and many of these types of functions within an organization lend themselves to many traits that can be classed as psychological egoism and can have a negative impact in the work environment. One of the most dangerous users you may encounter suffers from the Dunning-Kruger Effect. Let me […]

Do you have a view of the attacks in your network?

All traffic in and out of your environment MUST be monitored for unknown traffic and reviewed by skilled staff and, if required, incident response initiated. In the following image (clickable for large view) you can see that there are attacks from Indonesia on the Apache Struts exploit. I can note here that the server being […]

Websites want me to remove my Ad-blocker

More and more sites I visit are detecting that I use an ad-blocker and asking me to either pay a daily or monthly fee to access their content, or whitelist the site in my system. If the content is valuable and not available free from other sites, I would not mind having a small […]

Getting caught by unsubscribing from spam

By unsubscribing you confirm your email to the main spamming company and you will only get more spam. Have you ever received a spam email that you have unsubscribed from before? Today I had a very interesting encounter with a local company getting onto the bandwagon to sell training by obtaining email lists from definitely […]

Data Leakage – A covert channel

If you think you are safe having adequate NAC (Network Access Control) but not controlling local administrative access and application execution on your workstations, you should think again.  This post will go through some of the risks as well as some of the controls in an enterprise environment.  This is an example of bypassing a […]

Free Internet at Santander Totta

The banking landscape is changing at an exponential rate. Travelling a bit and finding myself on the island of Madeira. Off the continent of Africa, closest country is Morocco, but it is part of Portugal. A few years ago, BANIF Bank was experiencing some financial stability and was bought out by the Spanish Bank […]

Mentor Program

A notice to budding Information Security professionals.  With many years of experience in many aspects of Information Security, IT Auditing at business and low-level, it is always a pleasure to meet some of my peers that have dedication and zest. Any person is welcome to submit a query to get more information in obtaining information […]

Bank Re-branding – Criminal Exploitation

ABSA Bank, from whom Barclays has dis-invested, re-branded the bank with a new logo and with some fanfare. As expected, the criminals are waiting for such events to exploit bank clients during the ‘transition’ phase. The interesting fact here is that the compromised sites with the Phishing exploit code are mostly in South Africa. This […]