Team PR’s Pick of the Best InfoSec blogs of 2016

Team PR’s Pick of the Best InfoSec blogs of 2016

Our choice of the best Information Security Blogs of 2016

We asked our seasoned Cyber Security specialists to choose their top InfoSec blogs from last year. The result is a hand-picked box of cyber security treasures for your delectation.

Backslash Powered Scanning: Hunting Unknown Vulnerability Classes

An interesting post by James Kettle of Portswigger Web Security on an alternative approach for fuzzing applications. One of the more notable techniques from last year and great for those looking to enhance their tool-set and skills: Backslash Powered Scanning: Hunting Unknown Vulnerability Classes

From zero to SYSTEM on full disk encrypted Windows system

By Nabeel Ahmed, Security Researcher, Ethical Hacker and Bug Bounty hunter. Our expert commented: “A really nice 2 part blog series on the ability of an attacker with physical access to an Active Directory integrated system (with full disk encryption) and subsequently performing a multifaceted attack to take their access to the system from nothing to a full system compromise.”

From zero to SYSTEM on full disk encrypted Windows system (Part 1)

From zero to SYSTEM on full disk encrypted Windows system (Part 2)

PoshC2 – a post exploitation tool

One of our senior consultants said that SteelCon smashed expectations and delivered an awesome conference in July. One of the best talks was by Nettitude Labs, where they looked at a post exploitation tool called PoshC2.

Read about it here: What is PoshC2? and more here: GitHub Nettitude PoshC2 – Powershell C2 Server and Implants

Hacking the Nissan Leaf

Although not strictly a blog, this YouTube video by Scott Helme was one of team PR’s favourite research pieces from last year: Hacking the Nissan Leaf – Scott Helme

You can access the slide deck for Hacking the Nissan Leaf (see 15-17 July 2016) together with other talks by Scott Helme here: Scott Helme Talks

What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.

Although this blog post hails from 2015, one of our Pentesters deemed it worthy of inclusion, saying it was probably the best he’d read in a long time (and he’s read a lot).

It’s by @breenmachine and was published by FoxGlove Security: What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.

It highlighted a critical vulnerability in Java applications that’s useful on both application and network tests. Essentially MS08-067 for Java. This cheat sheet shows the variety of products affected by the issue: GrrrDog/Java-Deserialization-Cheat-Sheet

All websites have something of value for attackers: reputation

Among other things, this piece by Troy Hunt debunks the assumption that websites which serve purely as brochures are of no interest to attackers and are therefore unlikely to be exploited.

Our cyber sec colleague commented: “It describes the motives behind why cyber criminals attack websites – it’s not just about the data they can acquire. Nefarious use by hackers presents risks to reputation.

All websites have something of value for attackers: reputation

M-Pin: A Multi-Factor Zero Knowledge Authentication Protocol

Our Managing Director chose this piece by MIRACL Labs, where Dr Michael Scott shares interesting developments for a passwordless future: M-Pin: A Multi-Factor Zero Knowledge Authentication Protocol

Don’t Toy With The Dark Web, Harness It

Published by Dark Reading. Our cyber specialist commented: “Sometimes we forget to lock our doors, because we’re oblivious to the dangers that may be lurking nearby. 

“When thinking about information security in our online lives, the popular opinion is that danger lies in the dark corners of the web. In fact the most common trap by which criminals deceive people is by using everyday tools – just think of phishing emails.”

Don’t Toy With the Dark Web, Harness It

Bluetooth POS skimmers hitting the wild

Another of our exec team selected this post by Doug Olenick of SC Media. It helped raise awareness of POS skimmers as the tactic starts to proliferate: Bluetooth POS skimmers hitting the wild

UK’s Financial Hub London Under Massive Ransomware Attacks

This blog by Uzair Amir for Hackread looks at paying ransoms with bitcoins, raising the question: is this another breach disclosure avoidance tactic by banks? UK’s Financial Hub London Under Massive Ransomware Attacks

Free and Open Source Cyber Security Learning

This was our Systems Administrator’s pick of the year, who said that whilst it’s not a blog, it is a first class resource for those looking to move into IT or develop their skills. Cybrary provide training courses on all elements of IT, free of charge.

Our sysadmin commented that it’s his regular go-to place: Cybrary Free and Open Source Cyber Security Learning

The Difference Between Red, Blue, and Purple Teams

This was the choice of our marketing team. They liked the clarity of the writing and enjoyed the subject matter.

Confusion can reign over the differences between cyber security teams – Daniel Miessler’s blog neatly clears it up: The Difference Between Red, Blue and Purple Teams

Enumerating Domain account names using Kerberos within Metasploit

We accept we might be a little biased here, as this blog was written by one of our own cyber security experts. We like to think we hit the mark however, as it was our top post from last year and shared with thousands of readers across the globe: Kerberos: Enumerating Domain Usernames

If you’d like to appoint our team to help with any element of your information security, or just to talk through any knotty security issue, you’re welcome to contact us.

Related Content

PRCON 2011
Announcements

PRCON 2011

Whilst we are ardent supporters of maintaining a healthy balance between work and life and well awar...

Welcome to the Perspective Risk Blog
Announcements

Welcome to the Perspective Risk Blog

The Perspective Risk blog has been created to provide information security resources to the penetrat...