Security firms have long been a target for nation-states and hackers, as illegally accessing their tools and/or confidential reports can provide sensitive insights into corporate and government client information on an international scale.

But it still shocked both the cyber security industry and the business world as a whole when FireEye, a $3.5 billion company with high profile clients such as Equifax, Sony and various government agencies, recently revealed that it was hacked by, according to their press release, “a nation with top-tier offensive capabilities.”

Evidence apparently points to Russia’s intelligence agencies (possibly Cozy Bear) who may have seized an…

“‘… As phishing becomes more profitable, hackers are becoming increasingly sophisticated in the methods they use to steal passwords’, according to Tanmay Ganacharya, a principal director in Microsoft’s Security Research team.’”

We’re getting pretty used to seeing press releases like this on an ongoing, almost daily, basis. So it appears on the surface that cyber security teams are playing a losing game of catch-up as hacker shenanigans (particularly Ransomware of late) escalate.

The good news is hackers are not necessarily becoming more tech savvy. While with any tech (or crime in general, for that matter), there are standouts on both…

Google. Amazon. Facebook. Apple. Known as “The Big Four” or “The Emperors of Data” in the computer industry, albeit not always affectionately. Recently these tech giants were hauled in front of the US congress, under investigation to determine whether they have abused their power and dominance in the online marketplace and become, in essence, monopolists.

While being grilled, Jeff Bezos, CEO of Amazon, admitted that “Amazon may have improperly used third-party seller data to inform its own product decision”, stating specifically, “I can’t guarantee you that policy has never been violated.”

Facebook CEO Mark Zuckerberg was confronted about internal company…

By now, we’ve all heard of the existence of hackers and hacker groups. While most of us can only actually “name” a few (if any) of them, we are nonetheless bombarded by reports of their nefarious activities and fear whom they may strike next on an almost daily basis.

But what are their motivations? Are they simply disgruntled teenagers that switched focus from britches to breaches? Is it for political reasons? Environmental causes? Creating chaos for the sake of creating chaos? Or just good ole’ fashioned economics? Well, there is no simple answer. It can be all, some or none…

When Microsoft purchased Github a lot of users thought it was a harbinger of bad things to come in the coding universe. Then again, some believe it will improve GitHub because of the money that Microsoft can throw at it and, if done properly, this could actually make it a better platform (they have already introduced many new features, including a mobile app). The one thing that can’t be debated is that as soon as Microsoft purchased GitHub, they shifted its monetization scheme dramatically.

So what’s in a name?

“GIT”, created in 2005, is a program that stores and organizes open source code (as well…

The world of spies and cyber intelligence is shrouded in mystery. But have you ever wondered what it actually takes to build and run a cyber intelligence company?

In an exclusive interview with The Many Hats Club, Cal Leeming, founder of ZeroGuard, reveals how they monitor the internet and analyse trillions of unique signals, in their effort to make the internet a safer place.

Adhering to the mission mantra of “collect all the data, analyze all the things”, Cal walks us through their epic journey of building intelligence capabilities from scratch. …

UPDATE 17th April 2020: PasteBin have announced they are looking into ways to give security researchers access. But they have not mentioned if this will require payment. https://twitter.com/pastebin/status/1250847990131986432

It’s no secret that the InfoSec community relies on a variety of intelligence sources to monitor potential threats and identify threat actors. One of these sources being PasteBin, a quick and easy platform for sharing blobs of text, a favourite among both techies and criminals.

Even a quick Google Cache search with the term “site:pastebin.com password” yields some interesting results, which can be converted into signals, such as IOCs or passive intelligence.

…

With new tech comes renewed optimism and new claims — some substantiated, most hype. Such is the case with the emergence of 5G technology. For example, according to an article by netimperative, upwards of 10,000 jobs were lost in the retail sector in the UK alone, with online shopping being pegged as the main cause. Thus, “British executives hope 5G will allow retailers to use AR/VR to enhance the customer experience, while improving stock efficiencies and eliminating queues at the checkouts”, which will hopefully in turn bring consumers back to the brick and mortar shops.

Unfortunately, this wishful optimism that…