The Explain The Humans series takes a look at common components of psychology and makes sure your security awareness program is aligned with the way real people work, learn and interact. The series will be heavily supported by the expertise …
Trust in SMS
Before we get into this blog, can we please just take a second to fondly remember the fallen… for many of us the source of this modern world we now feel so familiar with. You might not remember the the …
Those Who Cannot Remember The Past
Information security is a fast paced industry. Everyday, people are dropping exciting projects on GitHub, data breaches keep journalists in work, universities teach the next generation of practitioners and security companies churn out invoices. It’s all frenetic, it’s a turbo …
Pyrotechnic Pretexts
We recently saw a video posted by the London Fire Brigade on Twitter and it got us thinking. I’m sure followers of the blog know just what we thought already… It’s probably best to rate the London Fire Brigade on …
Phishing danger is just a hyphen away.
Followers of the blog will know that I’m not a fan of SMS. It’s spoofable, it’s hackable, it’s from 1981. I can’t even have a meal out in peace without finding SMS weaknesses that take over some random service. So …
InfoSE – Getting Social
Hosting a meet up in 2019 was a rather easy affair. You put the word out to your friends and peers, dropped a little hype on social media and headed to M&S to grab some snacks and few bottles of …
Guest Blog: Ed Tucker
In this guest blog we speak to Ed Tucker (@teddybreath). There is more to this dark horse than CISO of the year and I reckon he has a few tips up his sleeve for organisations. Let’s give him a shake …
How We Could Chat On Your WeChat
For those of you wanting a technical debrief of what happened, this blog might not be for you. I actually want to focus on something completely different. Please take the TL;Dr and be on your merry way. This is a …
How Low Will They Go?
True to form, cybercriminals are out in force trying to exploit the recent COVID issue. According to Action-Fraud, they have already netted close to £970,000 from UK victims. Source: Why use COVID-19 in scams? In phishing simulations, we see a …
Action For Fraud Victims
According to reputable sources, around 95% of the cases reported to Action Fraud are left unsolved. It’s unsure at which step of the journey the case could get shelved – but sadly the figures don’t make for good reading. Take …
Turned Off By Ofcom
In July 2019, Ofcom introduced a new way to handle number portability for UK customers. The idea was a simple one, make it possible for people to text ‘PAC’ to 65075 and within seconds a SIM porting request is in …
Goodbye HTTP?
It’s now long a long established fact that HTTP is insecure. For those who don’t know, your data isn’t securely encrypted when sent between your device and the website. The lack of security means cybercriminals can easily take a copy …
Screeching at a Poster
You might have missed last weeks incident on Twitter. It started off as a casual bit of annoyance, but quickly escalated in to a full on witch hunt for the Police. For those of you hiding under a rock and …
Explaining Physical Social Engineering
The world of Red-teams and Social Engineering can be quite insular. As someone who founded The AntiSocial Engineer Limited, I know that was almost part of the design and philosophy at the time. We weren’t interested in doing things like …
Cocaine & Credentials
I recently had the pleasure to watch a talk at BSides Leeds by Darren Martyn. He’s a security researcher who really understands the criminal ecosystem of stolen credentials. The talk focussed on ‘scum lords’, the term he chooses for those …
Cyber Security Terminology
Get to know some useful cybersecurity terminology!
Modus Operandi
Hackers and cybercriminals are often dubbed to be same nefarious character. Hackers are skilled individuals, sometimes without releasing what good they can do with their skills. But what really motivates someone to become a cybercriminal.
Disregard For Data
We used to report data concerns to companies in the most archaic manner. We became efficient and employed tools such as Spiderfoot HX to help us scale up this discovery processes. We then tried to streamline reporting and even made …
The AntiSocial Engineer Newsletter
Hello! I am Richard, the founder of The AntiSocial Engineer Limited and I wanted to introduce the new AntiSocial Newsletter. The team and I have waited several years to release a newsletter due to the desire to really make them …
VPNs for Normal People
It’s been quite a week in the media for VPN providers. Two large companies have had breaches of security in some way or another and the industry dumpster fire has had a fresh poke and a few new logs chucked …