Team PR’s Pick of the Best InfoSec blogs of 2016

Our choice of the best Information Security Blogs of 2016
We asked our seasoned Cyber Security specialists to choose their top InfoSec blogs from last year. The result is a hand-picked box of cyber security treasures for your delectation.
Backslash Powered Scanning: Hunting Unknown Vulnerability Classes
An interesting post by James Kettle of PortSwigger Web Security on an alternative approach to fuzzing applications. One of the more notable techniques from last year and great for those looking to enhance their toolset and skills: Backslash Powered Scanning: Hunting Unknown Vulnerability Classes
From zero to SYSTEM on full disk encrypted Windows system
By Nabeel Ahmed, Security Researcher, Ethical Hacker and Bug Bounty hunter. Our expert commented: “A really nice 2-part blog series on the ability of an attacker with physical access to an Active Directory integrated system (with full disk encryption) and subsequently performing a multifaceted attack to take their access to the system from nothing to a full system compromise.”
From zero to SYSTEM on full disk encrypted Windows system (Part 1)
From zero to SYSTEM on full disk encrypted Windows system (Part 2)
PoshC2 – a post exploitation tool
One of our senior consultants said that SteelCon smashed expectations and delivered an awesome conference in July. One of the best talks was by Nettitude Labs, where they looked at a post exploitation tool called PoshC2.
Read about it here: What is PoshC2? and more here: GitHub Nettitude PoshC2 – Powershell C2 Server and Implants
Hacking the Nissan Leaf
Although not strictly a blog, this YouTube video by Scott Helme was one of team PR’s favourite research pieces from last year: Hacking the Nissan Leaf – Scott Helme
You can access the slide deck for Hacking the Nissan Leaf (see 15-17 July 2016) together with other talks by Scott Helme here: Scott Helme Talks
What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.
Although this blog post hails from 2015, one of our Pentesters deemed it worthy of inclusion, saying it was probably the best he’d read in a long time (and he’s read a lot).
It’s by @breenmachine and was published by FoxGlove Security: What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.
It highlighted a critical vulnerability in Java applications that’s useful on both application and network tests. Essentially MS08-067 for Java. This cheat sheet shows the variety of products affected by the issue: /Java-Deserialization-Cheat-Sheet
All websites have something of value for attackers: reputation
Among other things, this piece by Troy Hunt debunks the assumption that websites which serve purely as brochures are of no interest to attackers and are therefore unlikely to be exploited.
Our cyber sec colleague commented: “It describes the motives behind why cyber criminals attack websites – it’s not just about the data they can acquire. Nefarious use by hackers presents risks to reputation.”
All websites have something of value for attackers: reputation
Don’t Toy With The Dark Web, Harness It
Published by Dark Reading. Our cyber specialist commented: “Sometimes we forget to lock our doors, because we’re oblivious to the dangers that may be lurking nearby.
“When thinking about information security in our online lives, the popular opinion is that danger lies in the dark corners of the web. In fact the most common trap by which criminals deceive people is by using everyday tools – just think of phishing emails.”
Don’t Toy With the Dark Web, Harness It
Bluetooth POS skimmers hitting the wild
Another of our exec team selected this post by Doug Olenick of SC Media. It helped raise awareness of POS skimmers as the tactic starts to proliferate: Bluetooth POS skimmers hitting the wild
UK’s Financial Hub London Under Massive Ransomware Attacks
This blog by Uzair Amir for Hackread looks at paying ransoms with bitcoins, raising the question: is this another breach disclosure avoidance tactic by banks? UK’s Financial Hub London Under Massive Ransomware Attacks
Free and Open Source Cyber Security Learning
This was the pick of the year from our Systems Administrator, who said that whilst it’s not a blog, it is a first-class resource for those looking to move into IT or develop their skills. Cybrary provide training courses on all elements of IT, free of charge.
Our sysadmin commented that it’s his regular go-to place: Cybrary Free and Open Source Cyber Security Learning
The Difference Between Red, Blue, and Purple Teams
This was the choice of our marketing team. They liked the clarity of the writing and enjoyed the subject matter.
Confusion can reign over the differences between cyber security teams – Daniel Miessler’s blog neatly clears it up: The Difference Between Red, Blue and Purple Teams
Enumerating Domain account names using Kerberos within Metasploit
We accept we might be a little biased here, as this blog was written by one of our own cyber security experts. We like to think we hit the mark, however, as it was our top post from last year and was shared with thousands of readers across the globe: Kerberos: Enumerating Domain Usernames
If you’d like to appoint our team to help with any element of your information security, or just to talk through any knotty security issue, you’re welcome to contact us.