Featured

Featured Infosec, Cybersec News & Awareness Articles. Including write-ups from our Cybersecurity Academy. Stay informed! Cybersecurity Starts With You!

Zero-day

Critical zero-day bug, first since Heartbleed, identified in OpenSSL

Just your average information security researcher from Delaware US.

OpenSSL has a new “critical” bug. But it’s a secret—until next month. Organizations have five days to prepare for what the OpenSSL Project on Oct. 26 described as a “critical” vulnerability in versions 3.0 and above of the nearly ubiquitously used cryptographic library for encrypting communications on the Internet. On Tuesday, Nov. 1, the project will …

vulnerability

VMware bug with 9.8 severity rating exploited to install witch’s brew of malware

Hackers have been exploiting a now-patched vulnerability in VMware Workspace ONE Access in campaigns to install various ransomware and cryptocurrency miners, a researcher at security firm Fortinet said on Thursday. CVE-2022-22954 is a remote code-execution vulnerability in VMware Workspace ONE Access that carries a severity rating of 9.8 out of a possible 10. VMware disclosed and …

cve-2022-38970

ieGeek Security Vulnerabilities still prevalent in 2022 IG20

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
RiSec.n0tst3

Amazon’s “highly rated”, “recommended” ieGeek brand continues to present a number of security vulnerabilities. ieGeek Security Vulnerabilities: On the 19th of Aug 2022 I set out to purchase a CCTV camera from Amazon. I read over the reviews of the ieGeek IG20, and it seemed great, the value too. For just £29.99 I’d get myself …

Research: Preventative Approach Could Block 90% of Cyber-attacks

Hacking Campaign Steals 10,000 Login Credentials From 130 Different Organizations

A phishing campaign targeted Okta users at multiple companies, successfully swiping passwords from staffers and then using them to steal company secrets. Researchers say that a mysterious “threat actor” (a fancy term for a hacker or hacker group) has managed to steal nearly 10,000 login credentials from the employees of 130 organizations, in the latest …

DDoS

Google mitigates largest DDoS Attack in History – Peaked at 46 Million RPS

Disclosed this week, it was the third HTTPS attack this year to reach tens of millions of RPS, after two lower-volume assaults were mitigated by Cloudflare. The first of them peaked at 15.3 million RPS, Cloudflare revealed in April, while the second reached 26 million RPS, the web security company said in June. What makes these assaults stick out from the crowd …

Security researcher contacted me

A Security Researcher Contacted Me – What should I do?

Businesses say that they take the security of customer data seriously but, when presented with a vulnerability, are often more concerned about their own reputation than the security of their customers. Handle disclosure correctly and you can do both: protect your customers and protect your reputation. Do it wrong and you damage both. By far …

google chrome

Google Chrome extensions can be easily fingerprinted to track you online

A researcher has created a website that uses your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. To track users on the web, it is possible to create fingerprints, or tracking hashes, based on various characteristics of a device connecting to a website. These …

Doxing attacks

Doxing Attacks: From Hacker Tool to Societal Problem

The malicious attack known as doxing has gone far beyond hacker tools, with the threat now extending to most social media platforms and making nearly anyone a target. Today, doxing continues to be an intimidating prospect for digital users and is a mainstream data security problem. Online users can have a great deal of anonymity, but the growth of …

hardening vps security

HARDEN YOUR VPS: Steps to Hardening your VPS Security

A VPS server is a great hosting option if you want more control over your server without dishing out large amounts of cash for a dedicated server. There are two operating system options to choose from. You can either go with a Windows-based server or a Linux-based server. In this article, we will cover Windows Virtual Private Server security. After …
