The intriguing case of NotPetya

On Tuesday evening another large-scale ransomware attack hit Europe – or so we thought. A few days on, the case of Petya – or NotPetya, as it has become known – is still full of interesting little details and intriguing questions that we may never know the full answers to.

Make sure you noindex sensitive files

I had an unexpected opportunity to put my cyber security skills into action this week when I stumbled across some potentially sensitive information that was publicly accessible via a search engine.

Rick Sanchez explains command injection

The brilliant Rick and Morty returned this weekend, and the third season premiere unexpectedly showcased just how devastating a successful command injection attack can be. Held prisoner in a simulation of his own memories, sometimes-great, always-mad scientist Rick Sanchez is forced to relive the moment he created his portal gun so his alien captors can […]

Finishing line: I’ve passed my GCIH exam!

The SANS Cyber Retraining Academy concludes this week, but before graduation there was time for students to take one last GIAC examination to assess our incident handling skills. I’d already passed the GIAC Security Essentials (GSEC) exam with 94 per cent a few weeks ago, but I was more nervous going into the GIAC Certified […]

Automating a brute force web attack

This week was all about hacking at the SANS Cyber Retraining Academy, as students attempted to take control of a drone before embarking on a two-day Netwars capture the flag marathon. The challenges spanned a huge range of skills – we found ourselves doing everything from setting up backdoors and stealing WordPress credentials to delivering […]

How I became a Linux person

I used to swear by macOS, but in recent years I found performance dropping and frustration growing. Luckily, my eyes were opened to what a great alternative Linux has become. Since 2009, I’ve been a pretty consistent user of macOS – or OS X, as it was called until recently. Windows was the ugly, unsecure […]