Skip to content
Skip to menu

DISC InfoSec blog

InfoSec and Compliance – With 20 years of blogging experience, DISC InfoSec blog is dedicated to providing trusted insights and practical solutions for professionals and organizations navigating the evolving cybersecurity landscape. From cutting-edge threats to compliance strategies, this blog is your reliable resource for staying informed and secure. Dive into the content, connect with the community, and elevate your InfoSec expertise!

Feb 09 2021

Beware of technical “experts” bombarding you with bug reports

Category: Bug Bounty — DISC @ 10:57 pm

Beware of technical “experts” bombarding you with bug reports

We’re all appalled at scammers who take advantage of people’s fears to sell them products they don’t need, or worse still products that don’t exist and never arrive.

Worst of all, perhaps, are the scammers who offer products and services that do exactly the opposite of what they claim – making their victims pay up simply to make them even easier to defraud in future.

Well-known cyberexamples of this sort of fraud include:

Fake technical support incidents. These are the web popups or the phone calls you get out of the blue that report ‘viruses’ on your computer, and persuade you to ‘hire’ the services of an online ‘expert’ to remove them. Often these victims are lonely, vulnerable, and particularly ill-placed to deal with the financial loss. The scammers then target those individuals repeatedly and, in some cases we have heard, with ever-increasing aggression.

Subscribe to DISC InfoSec blog by Email

Feb 09 2021

Malicious Chrome sync feature can help hackers steal your data

Category: Web Security — DISC @ 4:33 pm

Malicious Chrome sync feature can help hackers steal your data

Subscribe to DISC InfoSec blog by Email

Feb 09 2021

How Venturing Into The Shady Side of The Dark Web Will Most Likely Get You Scammed or Arrested

Category: Deepfakes,Web Security — DISC @ 12:36 pm

How Venturing Into The Shady Side of The Dark Web Will Most Likely Get You Scammed or Arrested

The internet has come to be so developed, complex and ‘intelligent’ that, at present, you could say it is alive (like Skynet or The Matrix predicted?). Billions of people are online, every day, using the internet for work, entertainment, advice, you name it -it’s probably on the internet. We are now in the age of Artificial Intelligence and Big Data (or A.I for short). This period is an evolution, a transformation in the digital industry. Not only are petabytes of data being circulated on the internet (millions of terabytes); with A.I and Big Data all of this data is being put to use. This is effectively teaching the internet about user behavior, increasing the knowledge-base and making the internet into a neural-network able to ‘think’ for itself.

That’s all fine and dandy, but what about the dark side of the internet? Well, the evolution of the internet has spread so wide on countless digital channels and platforms, that the need to regulate and police the internet has risen. On such a vast network, there are countless dark organizations and cybercriminals looking to use the practicality of the internet as a communication tool for illegal activity. This can mean hacking and stealing data in the virtual realm, and it can also translate to the worst kinds of illicit activity imaginable in the physical realm.

So, let’s look at what lies beneath, in the underground world beneath the internet which is called the Deep Web. Then we’ll go even deeper down, and find out why the Dark Web is a dangerous and hostile place.

Feb 09 2021

Microsoft to notify Office 365 users of nation-state attacks

Category: APT — DISC @ 10:01 am

Microsoft to notify Office 365 users of nation-state attacks

The new security alert will notify companies when their employees are being targeted by state-sponsored attacks.

Since this Saturday, the new alert service was added to the Microsoft 365 roadmap website.

“Nation state threats are defined as cyber threat activity that originates in a particular country with the apparent intent of furthering national interests. These attacks represent some of the most advanced and persistent threat activity Microsoft tracks.” reads the announcement published by Microsoft. “The Microsoft Threat Intelligence Center follows these threats, builds comprehensive profiles of the activity, and works closely with all Microsoft security teams to implement detections and mitigations to protect our customers. We’re adding an alert to the security portal to alert customers when suspected nation-state activity is detected in the tenant.”

Feb 08 2021

Security in the Digital World

Category: Information Security — DISC @ 11:32 pm

This must-have guide features simple explanations, examples, and advice to help you be security-aware online in the digital age. Learn how to: picture\4864.jpeg

* Keep your information secure

* Put the necessary controls on your home network, protecting your family from cyber crime

* Prevent identity theft when shopping online or using contactless payment

* Keep your children safe when using the Internet.

Security in the Digital World

Feb 08 2021

Holistic InfoSec For Web Developers

Category: Information Security,Web Security — DISC @ 11:22 pm

Holistic InfoSec For Web Developers: Physical and People (Fascicle 0) by [Kim Carter, Russ McRee, Leanne Carter, Simon Bennetts]

This book begins by taking the reader to the 30,000′ view, so you can start to see the entire security landscape. I then attempt to explain a very simple threat modelling approach that I believe Bruce Schneier created, called the Sensible Security Model (SSM). We take the learnings from the first chapter and apply them to lower levels. I detail how to setup a security focussed distribution with all the tools and configuration options required for working through the book. We then walk through the Process and Practises that the attacker often execute, and we take the learnings from that and train the defenders on how they can bring the finding of defects from the most expensive place to the cheapest place, within your Sprint cycles.

The rest of the book focusses on the specific area on the cover of this book.

My intention with “Holistic Info-Sec for Web Developers” is in many ways to help you answer your own questions and show you that creating systems and arming people to withstand the types of attacks commonly encountered today is not our of reach of mere mortals. That by simply lifting the lower hanging fruit for an attacker often means they will move on to an easier target. Unless they are specifically targeting you. In which case you should find many of the risks and countermeasures I address, affective for increasing the difficulty for your attacker, and thus dramatically increasing your chances of defence and counter-attack.

Fascicle 0 focusses on:

1. The chosen threat modelling approach
2. Setting up your tool-belt
3. The process of penetration testing
4. A collection of processes and practises formulated from penetration testing, useful for augmenting each and every Scrum Sprint
5. Physical and People security

Holistic InfoSec For Web Developers: Physical and People

Tags: InfoSec for Web Developer

Feb 08 2021

SonicWall Zero-Day

Category: Firewall,next generation firewall — DISC @ 4:01 pm

SonicWall Zero-Day

Feb 08 2021

Google launches Open Source Vulnerabilities (OSV) database

Category: Security vulnerabilities — DISC @ 3:57 pm

Google launches Open Source Vulnerabilities (OSV) database

Google last week announced the OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects.

The database aims at helping both open source maintainers and consumers of open source projects.

The archive could allow users and maintainers of open-source software to find the vulnerabilities that affect them, providing detailed info about versions and commits impacted by the issues. Maintainers of open source software could benefit of OSV’s automation to reduce the burden of triage.

“We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers of open source software.” reads the post published by Google. “The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as quickly as possible.”

At the time of the launch, the database only includes vulnerabilities from OSS-Fuzz (mostly C/C++), but Google plans to add more data sources soon (e.g. npm Registry and PyPI).

OSV already includes information on thousands of vulnerabilities from more than 380 critical open source projects integrated with Google’s OSS-Fuzz fuzzing service.

“OSV is a vulnerability database for open source projects. It exposes an API that lets users of these projects query whether or not their versions are impacted.” reads the description of the project.

“For each vulnerability, we perform bisects to figure out the exact commit that introduces the bug, as well the exact commit that fixes it. This is cross referenced against upstream repositories to figure out the affected tags and commit ranges.”

The OSV database exposes a simple API to query for vulnerabilities, maintainers and users could provide a git commit hash or a version number to receive the list of vulnerabilities that are present for that version.

Feb 07 2021

COMB breach: 3.2B email and password pairs leaked online

Category: Email Security,Security Breach — DISC @ 11:48 pm

COMB breach: 3.2B email and password pairs leaked online

Feb 07 2021

Experts found critical flaws in Realtek Wi-Fi Module

Category: Wi-Fi Security — DISC @ 12:25 am

Experts found critical flaws in Realtek Wi-Fi Module

Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications.

Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications.

The Realtek RTL8195AM is a highly integrated single-chip with a low-power-consumption mechanism ideal for IoT (Internet of Things) applications in multiple industries.

The module implements an “Ameba” API to allow developers to communicate with the device via Wi-Fi, HTTP, and MQTT, which is a lightweight messaging protocol for small sensors and mobile devices.

Realtek supplies their own “Ameba” API to be used with the device, which allows any developer to communicate easily via Wi-Fi, HTTP, mDNS, MQTT and more.

“As part of the module’s Wi-Fi functionality, the module supports the WEP, WPA and WPA2 authentication modes.” reads the analysis published by the experts.

“In our security assessment, we have discovered that the WPA2 handshake mechanism is vulnerable to various stack overflow and read out-of-bounds issues.”

WiFi Security #WiFiSecurity #WiFiVulnerabilities #WiFHacks

Feb 06 2021

Hackers abuse Plex Media servers for DDoS amplification attacks

Category: DDoS — DISC @ 1:21 pm

Hackers abuse Plex Media servers for DDoS amplification attacks

Tags: Amplification attacks

Feb 06 2021

Presidential Cybersecurity and Pelotons

Category: cyber security — DISC @ 12:16 pm

Presidential Cybersecurity and Pelotons

Feb 05 2021

Analyze suspicious files and URLs to detect types of malware

Category: Malware — DISC @ 4:53 pm

Tags: Analyze Malware, Analyze suspicious files, Analyze url

Feb 05 2021

LINUX GAME HACKING GUIDE 2021

Category: Linux Security — DISC @ 3:10 pm

LINUX GAME HACKING GUIDE 2021

Tags: game hacking

Feb 05 2021

Skype ‘spoofing vulnerabilities’ are a haven for social engineering attacks

Category: Security vulnerabilities,social engineering — DISC @ 12:17 pm

Microsoft doesn’t feel the bugs are important enough to fix immediately, although one researcher disagrees

Skype spoofing vulnerabilities are a haven for social engineering attacks

Several purported security flaws in Skype have been disclosed publicly, but Microsoft claims they do not need “immediate security servicing”.

On February 2, researcher “mr.d0x,” also known as “TheCyberSecurityTutor”, publicly disclosed a “plague” of spoofing vulnerabilities in the Microsoft-owned remote chat and video app.

The researcher first began examining Skype in the second week of January and quickly found that the application’s messaging functionality does not have adequate protection against tampering.

As a result, it is possible to spoof links, file names, file sizes, and shared contacts on thick clients, web sessions, and on mobile.

Content spoofing

According to the researcher, tampering is possible by sending content you want to spoof, intercepting subsequent requests, and forwarding with modified code – such as by modifying href and key attributes, as well as by intercepting spoofed content and changing values such as OriginalName, FileSize, and file extensions.

When it comes to spoofing shared contacts, this can be achieved by sharing a contact, intercepting the request, and modifying either the display name or username which will, in turn, be reflected to the recipient.

The researcher also accidentally uncovered a means to crash a conversation on thick and web clients. If “too many” tags are added to the content value, this will render a chat session unresponsive and “fully inaccessible” for both an attacker and victim.

Source: Skype ‘spoofing vulnerabilities’ are a haven for social engineering attacks, security researcher claims

Feb 05 2021

Chrome zero-day browser bug found

Category: Web Security,Zero day — DISC @ 10:20 am

Chrome zero-day browser bug found – patch now!

Tags: Chrome zero-day

Feb 04 2021

Smart meters and hackers

Category: cyber security,Grid Vulnerabilities — DISC @ 5:08 pm

Hackproofing smart meters

Tags: Smart meters

Feb 04 2021

9 Course Ethical Hacking Bundle

Category: Hacking,Information Security,Security training — DISC @ 3:30 pm

9 Course Ethical Hacking Bundle [PC/Mac Online Code]

Learn Ethical Hacking & Cyber Security with this training bundle This ’9 Course Ethical Hacking Bundle’ from Total Training is for beginners and IT pros looking to learn how to protect sites against cyber threats. Learn about Firewalls, Social Engineering, Cyber Anonymity, Cryptography, and more.

With this 9 Course Ethical Hacking Bundle, you will get the training you need to land an entry level Cyber Security position paying upwards of six figures! There are currently over a million Cyber Security job openings globally, and demand is greatly outpacing supply – which means more opportunity, job security, and higher pay for you!

9 Course Ethical Hacking Bundle

Courses Included:
Ethical Hacking: Social Engineering
Ethical Hacking: Recon and Footprinting
Ethical Hacking: Malware Development
Ethical Hacking: Honeypots, IDS and Firewalls
Ethical Hacking: Hacking Databases
Ethical Hacking: Hacking Applications
Ethical Hacking: Cyber Anonymity
Ethical Hacking: Cryptography for Hackers
Ethical Hacking: Wireless Hacking

Tags: Ethical Hacking, InfoSec training

Feb 04 2021

Another SolarWinds Orion Hack

Category: Hacking — DISC @ 3:14 pm

Another SolarWinds Orion Hack

Tags: backdoors, china, cyberespionage, FBI, Hacking, Russia, SolarWinds hack, supply chain

Feb 04 2021

Hackers accessed Stormshield data, including source code of ANSSI certified products

Category: Data Breach,data security,Hacking — DISC @ 12:47 pm

Hackers accessed Stormshield data, including source code of ANSSI certified products

« Previous Page — Next Page »