Cyber Security
Weekly CSC Blog
Alert - phishing investigation
We are constantly seeing new attempts for the cyber gangs to get access to our information, payment information and credit card details. While the specific example in this scenario is a South African based courier, I have seen the same types of attacks in multiple geographies and they follow the same attack path. Jaiden has helped me run through this so we can share this with people out there t...
Credential Theft Week 3
Continuing our J2 SOC Manager’s series on credential theft, this week we touch on some things you should be doing to protect yourself. We hope that you have found the first few pieces helpful and please feel free to get in contact us if you have questions, comments or want to further clarity. After our previous pieces explored several methods that the cyber criminals will use to steal your cred...
Credential Theft Week 2
Continuing our J2 SOC Manager’s series on credential theft, this week we explore how attackers steal credentials on the local device. Future pieces will discuss other methods and prevention strategies. We hope you enjoy this series and feel free to get in contact us if you have questions, comments or want to further clarity.
Attacking passwords on the local device
The password or has...
Credential Theft Week 1
Our J2 SOC Manager has created a series of pieces around credential theft. In the coming weeks we will unpack several methods of attack. In this, the first in the series, we start with some background information and a dive into attacking passwords in network traffic. Future pieces will discuss other methods and prevention strategies. We hope you enjoy this series and feel free to get in contac...
Phishing 101 version 2.0
In a profit driven, ethically unconstrained criminal enterprise like phishing it is not surprising that threat actors have evolved to match the times. Rather than focus on techniques, this article will discuss how phishing applications have changed to match new security standards. It should be noted that only 22% of Microsoft clients have adopted two factor protection, so the traditional phishi...
PKI Compromise by Default
Certificate Authorities. They’re an invisible elephant in the room. They’re the colourless passport stampers that complement your inscrutable active directory certificate processes. The whole thing sounds very grey and bureaucratic, but threat actors and security wizards are looking at the certificate process very closely, and for good reason. Those passports can do quite a lot. In this article...
