Hello World! So, this is going to be a fun one. Lots to cover as we jump into what social engineering is and why it works. Let us get started by listing the names that we give to these types of attacks. There are many terms used somewhat interchangeably, they include but are not limitedContinue reading “Con games: How do they do it?”
Category Archives: Cyber Security
Hertzbleed (CVE-2022-23823 and CVE-2022-24436)
Hello World! On June 14th 2022, a new family of side-channel attacks, frequency based, were disclosed to the public. The method is quite technical and above my level of understanding in places, additionally there isn’t anything the majority of people need to do. BUT! There is a way this has potential to affect many peopleContinue reading “Hertzbleed (CVE-2022-23823 and CVE-2022-24436)”
TryHackMe h4cked – A Guide.
This is an easy room on TryHackMe, consisting of an analysis of a simple attack and using the attackers’ own methods to break back into the machine. You won’t find any flags here, or in any of my posts. If you already know what to do and are using this for easy answers, then youContinue reading “TryHackMe h4cked – A Guide.”
1 Year! – Learning together.
Hello World! It’s been over a month since my last post, it’s been busy. A constant desire to learn new things is something that can be hard to manage. Without a main goal it can be hard to choose the path you want to take, and this industry is truly endless. Off the back ofContinue reading “1 Year! – Learning together.”
MITRE ATT&CKcon 3.0
Hello World! A very brief post, over the last couple days I attended ATT&CKcon 3.0. It was full of brilliant talks and interesting people. A talk from educators in the social sciences sector and their students from high school to postgrads. Demonstrating a social engineering attack and mapping it to the matrix, that was oneContinue reading “MITRE ATT&CKcon 3.0”
Multi-factor authentication: What’s all the fuss?
Hello World! Here it is, what all the cool kids are talking about… even a passwordless future. The things these security keys can do in the way of certificates and biometrics are evolving with increasing pace. They will very likely become a primary authentication method soon. But that’s not now… I’ll start by giving theContinue reading “Multi-factor authentication: What’s all the fuss?”
Hello World! Building on my misconfiguration of security keys, I had to use a backup code for the first time ever today. I cannot stress enough the importance of these codes for your accounts that have multi-factor authentication. Write them down and keep them in a safe place, they could really save your skin. EspeciallyContinue reading “Backup codes!”
That wasn’t supposed to happen…
Hello World! I’ve successfully broken a YubiKey and locked myself from the accounts, it’s not completely broken it just needs to be reset but what a pain in the backside. This is why I have my backup key, meaning this is nothing but an inconvenience to me. I was trying to setup my YubiKey withContinue reading “That wasn’t supposed to happen…”
KeePass and the argument for password managers.
[Update 11th May 2022: I am going to be making changes soon to improve readability of this post, I understand it’s a little more complex than what I am aiming for.] Passwords: So, let’s start off with the most important question, what makes a good password? Passwords should be at least 14 characters in length.Continue reading “KeePass and the argument for password managers.”
Coming Soon – Home/Internet security guides.
Hello World! Coming soon will be guides on improving your security, soon I will take a look at protecting your accounts from takeover. Aiming these guides at the home user who is curious, I want these guides to feel friendly and to explain things from my perspective, how I do things. I don’t want itContinue reading “Coming Soon – Home/Internet security guides.”