A brief discussion of this report from Sky News on some Iranian cyber research reports. https://news.sky.com/story/irans-secret-cyber-files-on-how-cargo-ships-and-petrol-stations-could-be-attacked-12364871 This reports are clearly first stage fact-finding and brainstorming, the very earliest stage of capability development. They reveal only initial cursory preliminary analysis of potential vulnerabilities to exploit for cyber effects operations. Comprehensive actual hands-on testing of the target […]
Regarding the Kaseya Attack, Some Answers
Another spectacular raid by Russian ransom where gangs prompted a series of interesting questions by Catalin. I thought it would be worthwhile to address them. Here is the thread with the questions. I have inlined them below with my responses. Some questions in regards to the Kaseya incident: -How did REvil learn of the VSA […]
Not all exploits are “grey in the dark”
Capabilities are not interchangeable, nor are they all equal. This seems obvious, and yet not everyone agrees (apparently). In this article about the six 0day exploits patched on June 7 2021, we have the following line: Kevin Breen, director of cyber threat research at Immersive Labs, said elevation of privilege flaws are just as valuable […]
- 1
- 2
- 3
- …
- 21
- Next Page »