image Photo by Marcin Kempa] on Unsplash

Proactive Security and Threat Modeling

Manifestos have become a mainstay of information technology with everyone publishing a manifesto articulating the what a group of people subscribe to; generally of the form “we prefer this, over that”. __ InfoSec is no different and this week we had a Threat Modeling Manifesto — this is key as threat modeling is the cornerstone of proactive information security management so well worth a read.

Retail Targeted Attacks

Attacks during the holiday season on retail organisations have become common place; not wanting to be left out there is a new variant of Grelos out in the wild.

New Hoover, New Threat

Researchers have found a way to use the LiDAR, or Light Direction and Ranging tech found in a vacuum cleaner as a listening device. Which in itself serves as a warning about what you should and should not allow into your house.

Emotion during a cyber attack

Incident Response is as much about manging your emotion during the incident; The Register has posted some sage advice that will both help you get through the incident and save your sanity.

Security by Obfuscation?

In a typically technical article Bruce Schneier posts about indistinguishability obfuscation a term that was new to me, perhaps also to you?

Invisibilia Dei

The US DoJ has made the call to call out the identity of hacker:

Andrey Turchin, age 37, is charged with conspiracy to commit computer hacking, two counts of computer fraud and abuse (hacking), conspiracy to commit wire fraud, and access device fraud.

In gitconnected, Kevin Gabeci goes on to talk about Turchin’s organisation and MO; interesting read given the DoJ’s desire to bring the force of the US government down upon Turchin.

Threat Actor disrupting diplomatic efforts between Vatican City and China

Proofpoint posts a detailed breakdown of the resumption of activities by Advanced Persistent Threat they describe as TA416; these threat actor appears to focus on disrupting diplomatic relations between the Vatican City and nation states.

Evidence-based Trust

In an increasingly data driven world, it is no longer sufficient to base trust upon feelings or faith in a brand. What strikes me about this article is the absence of commentary about Observability being a key component of that evidence.


We’ve all done it, we’ve clicked a link, then thought better of it. Companies like GoDaddy are a big prize and it seems that this week gone by they have been caught out and ended up handing over control of sensitive domains to bad actors.

Payday Loans

The Register posted an interesting feature on vulnerabilities in affiliate networks leaving your details in the open for many years.


Checkpoint provides a timely reminder that unofficial app stores don’t afford the same protection as Google Play, etc. In fact they found multiple apps which would fraudulently subscribe the unwary user to premium rate services.

Death by Cyberattack

Seeing TCP RST in your logs?

Johannes Ullrich posts on the SANS blog about seeing TCP reset’s in your logs and how to interpret it.

Attacks against retail: Gift Card Hacks

It’s that time of year again where the Retail Industry is in the spotlight not because of that great deal on a Sonos but because cyberattacks use the surge in traffic to target retail businesses. Sophos has a great article on an attack against gift cards which pose a unique challenge for retailers.

What does 2021 have in store?

Started thinking about 2021, no me neither, however CISOs across the world are starting to make plans about how they will tackle next year, cshub spills the beans.