To begin this post on the dangers of Cobalt Strike, it is necessary to clarify some terms. First of all, 'pentest' is short for penetration test. It is an authorized, simulated cyberattack on a network for the purpose of finding vulnerabilities that may exist in that network. Those who perform this service are called 'pentesters'. … Continue reading Cobalt Strike: From Pentesting to the Hacker’s Toolkit
Although the Taliban has tried to re-brand itself as a kinder, gentler organization, no one has really been buying it. The prevailing opinion is that they will wear this disguise until they get money from the West, then, all bets are off. It has already been reported that the Taliban have a "priority list" of … Continue reading How Much Data Does the Taliban Have on Afghans Who Helped Coalition Forces?
The title of this post alone should give you some pause; but there's more. According to the European Air Traffic Management Computer Emergency Response Team (EATM-CERT), the majority, 61%, of this increase is on airlines themselves. The graph below shows the sectors of the aviation industry and the number of cyber attacks witnessed over the … Continue reading Cyber Attacks on Aviation Up 530%
The social media landscape in Afghanistan has transformed quite remarkably since the Taliban originally seized power in 1996. Back then, the Taliban were about the only people in the country using mobile phones. They found them useful in organizing attacks. Most Afghans, however, were in no position to afford a smartphone. Besides, mobile networks were … Continue reading Social Media vs. the Taliban vs. ISIS vs. Humanity
Most Android banking malware uses overlays to fool users into clicking on something they don't really want to click on. Often, this strategy sends victims to a fake banking login page where the attackers will gather login credentials. These they will quickly use to hack into the target's bank account. But this is not what … Continue reading Vultur Android Malware Targeting Your Bank Account and Crypto Wallet
First of all, what's a wiper attack? Basically, it is what it says it is: a cyber attack with the simple goal of wiping out the data in a network. Yes, such attacks could be easily tweaked into ransomware attacks, but money isn't the goal of these attacks. Destruction is. Causing trouble is. In short, … Continue reading The Escalating Iran-Israel Wiper Attack War
I think everyone can agree that ransomware is dangerous enough as it is. It has taken down numerous companies, hospitals, cities, and government agencies. It has also brought down important segments of infrastructure as evidenced in the Colonial Pipeline attack. So, how can it get any worse? To find the answer to this question, it's … Continue reading Ransomware Takes a Dangerous New Turn
Almost everyone has heard of the Colonial Pipeline attack and most people have heard something about the SolarWinds exploit. These were both termed 'supply chain attacks' because the criminals were able to jump from the main company to attack smaller companies associated with it. The attacks involved infecting an actual update that was distributed to … Continue reading Why Did the REvil Ransomware Group Give Up Its Decryption Key?
QR codes are everywhere and are now being included in so-called vaccine passports. Since important information will be included in these codes, it is necessary to find out if, or how, these codes could be hacked, either by those who want to produce fake passports or those who could benefit from stealing the information they … Continue reading Hacking Vaccine Passport QR Codes
Recently, IBM announced that it had developed the world's first chip with 2 nanometer (nm) nanosheet technology. My first reaction upon hearing this news was: huh? What's 2nm nanosheet technology and why should I be happy about it? I made a wild guess that this chip was probably fast; otherwise, why bother announcing it? But … Continue reading What’s So Special about IBM’s New Nanometer Chip?