In support of the Digital Leaders ‘Cyber Resilience Week’ Richard will be speaking at two events: Monday 11th September 2017 – The DeMontfort University in Leicester – http://digileaders.com/events/securing-business-digital-age Thursday 14th September 2017 – Chelsea Football Club – http://digileaders.com/events/securing-business-digital-age-2 The days will be …
The Making of a Drop Box
A drop box is a small computer designed to be connected to a corporate network, once connected it should enable attackers remote access to the network through a variety of methods. We have seen similar devices used in the wild …
Malicious Packets
Recently we had quite an interesting engagement and we have been allowed to share some of the details! Objective: Gain physical entry to a building for the purpose of impromptu network penetration test and wireless testing. Company Arena: Global Offices, Finance, …
Exploiting Chrome Attacks to Educate Staff
Social engineering attacks can normally be quite deceptive and hard to understand, the attack should be a little like magic in the way a victim should be left questioning how you did it after it’s all over. Although as an industry …
Opening Up Fraudulent Invoices
We often talk about the unknown ‘attackers’ out to get us in the context of cyber security, but the majority of these types are not confrontational people – they barely deserve the term attacker. They hide in the shadows with …
A Special Partnership With The London Digital Security Centre
When you look at the past few years our business has really started with an idea and developed into something meaningful. It was designed to make a difference to the security industry and post-startup we have began to see the …
UK Parliament Cyber Attack
At the end of last week, news organisations started reporting of a ‘sustained and determined attack’ against the mailboxes of the 650 members of parliament and staff. In the initial release of information it is quite clear the login portal was …
Gibraltar Cyber Security Summit
We attended the Gibraltar Cyber Security Summit this week. It’s an initiative to bring together policing departments, local authority and cyber crime related experts. Speakers from the AFP, FBI, NCA, GCHQ and others took to the stage to transfer essential …
Google Ignored Warnings About Phishing Risks.
On Wednesday the 3rd May 2017 a Phishing campaign propagated across the internet affecting Google users. It was like nothing we’ve seen in recent years. Now the issue has been resolved and the risk mitigated it’s time for some reflection. …
Online AntiSocial Media
When we look at online social media, it has been adopted in one flavour or another by nearly all of us. The way we project our persona online has slowly replaced the media of yesteryear. Expression is nothing new; throughout …
Phishing Robots
So it turns out us humans aren’t the only ones with a few flaws when it comes to an inbound phishing email! Often uttered from the crowds at every infosec event is the dreaded cliché statement, “Well, humans are the weakest links …
Naughty Name Servers
It’s always DNS. If something has broken online the first step is normally checking what the DNS is doing. Similar when we try to discover all we can about an organisation in the recon stages of any assessment it’s also …
The ‘can you hear me’ scam
Last week you might have heard in the press about a phone scam that’s is supposedly sweeping the nation. The dreaded, super sneaky ‘Can you hear me’ scam. Fraudsters will ring you and ask the question “Can you hear me?”. …
Will they send a SMS or won’t they?
Recently I stumbled across a publication from HMRC, it stated the forms of communications they would use to contact the tax paying public. Example messages were displayed in an attempt to ‘whitelist’ communications. Basically, if you receive correspondence that looks …
Lawyers Must Recognise the Value of their Data
Whilst content in our 9 – 5 employment, slightly resentful that our personal activities aren’t getting the attention they deserve, it’s easy to forget about the true value of things around us – especially their inherent value to other walks …
Project ‘Sender ID’
Over 100 Billion SMS messages are sent per year in the U.K., whilst this figure continues to fall due to mobile device users opting to use alternative communication mediums such as WhatsApp, Facebook Messenger and Signal – we are still …
2017 and Beyond
It’s been 2 years to the day since The AntiSocial Engineer was founded; The seasonal timing and also the fact we seem to be doing enough right to pay the bills have made us sit down and question where we …
How to nearly buy Google.com for £8
As an English speaker, I mainly stick to Latin characters and some symbols that cover my day to day needs. I demand payment in £, I add a few &@! to my passwords and I am known to include the …
iMessage Preview Problems
In recent Apple iMessage updates, the way links are handled within an SMS message have changed significantly and this adaptation poses quite a concern for us. Early 2016 we were the first company in the UK to offer SMShing services, …
TalkTalk, one year later.
For nearly a year we have had a tale we’ve told to friends and business associates. The tale involves TalkTalk and how one day we found the data breach, alerted them and sparked the controversy that we all know to this …