WinRAR Vulnerability: A Vintage Threat

For users with might consider themselves of a certain ‘vintage’, they will almost certainly have come across the archiving/zipping tool WinRAR in their cyber travels. For those that don’t know, in medieval times, the ability to compress and uncompress (zip/unzip) files and folder wasn’t natively baked-in to Windows and other operating systems. If you want…

Read more

Backstory, Splunk’s Nemesis?

While ‘Bricktop’ from the film Snatch might his own idea of what “what “nemesis” means”, the dictionary defines it as “punishment or defeat that is deserved and cannot be avoided” Now I don’t know if Splunk deserve punishment but I do know their pricing is extortionate so anything that shakes up the SIEM market can…

Read more

Security Awareness Training

A large customer of Seguro was interested in raising awareness of cyber security with some of its staff members after they were targeted by phishing campaigns. We provided a tailored version of our Cyber Security Awareness Basics course for a small initial group. In terms of the impact of the training, the users have successfully…

Read more

The BA breach – where did it go wrong?

The British Airways breach that ran between August and September 2018 caused a small stir in the media but was in fact distinctly different from many of the breaches we hear about. Firstly, most data breaches are a “heist” – criminals break in to a system, identify files, databases and intellectual property of value (whether…

Read more

The Art of Sheep Dipping

We were approached by a customer with concerns around the use of flash drives in their company, both in terms of the introduction of malware and exfiltration of data. After discussion with managers, staff and security personnel, we designed a solution that encompassed a mix of technology, company policys and some re-training. The result was…

Read more

Webcam Cover Up

A question we’re frequently asked is around the threat posed by webcams. Actually its rarely phrased as a question but rather an assumption along the lines of “You don’t really need to cover webcams though do you?”. Alas at this point we take a collect breath and prepare to tell people something they’d rather not…

Read more

Hacking Phase 2: Enumeration

It never ceases to amaze us that people’s perception of hacking is very rarely close to the reality, probably in most cases down to sensationalism and the film industry. Films tend to either paints hackers as socially awkward geeks or fanatical villains (such as Raoul Silva) who write an AI or build a super computer…

Read more

Spam Bot Hall of Shame

After seeing some of the awful attempts at bot-driven comments made to link to websites (presumably to drive SEO), we decided to start keeping a log of them. We figure it may help others identify suspicious comments and – well – it was kind of fun to see how bad they are. I am extremely…

Read more