Research

The worrying case of the Su-A-Cyder sandjack attack

Davey Winder Research Apple, Hacking, iOS, iPad, iPhone, Sandjack, Vulnerability 0

We get inside the tale of the iOS SideJacking app vulnerability that Apple knows about but hasn’t patched yet. Are you sitting comfortably? Then we’ll begin.

The Cybermatic: how automatic cybercrime became monetized

Davey Winder Cybercrime, Hacking, Research DDoS, Exploit kits, Script kiddie 0

There are some handy hackers out there, no doubt; but hacking by hand is becoming an increasingly scarce commodity with the rise of automatic cybercrime.

Is biometric bonce authentication really a thing?

Davey Winder News, Research Authentication, Biometric, passwords 0

Forgotten your password? A new form of biometric authentication technology is looking into using your skull, and not fingerprints, to log you in.

Where are all the women in cybersecurity?

Davey Winder Research Cybersecurity, Equality, Industry, Women 0

According to the Women’s Society of Cyberjutsu only 11 per cent of those working in the cybersecurity industry worldwide are women. That is, frankly, a shocking statistic.

The Poseidon misadventure: inside a targeted attack group

Davey Winder Research attack, Backdoor, Hacking, payload, Phishing 0

In the Poseidon Adventure movie, passengers aboard a cruise ship struggle to survive after a tidal wave strikes. Those enterprises hit by the Poseidon APT Group must know how that feels.

Mapping the cybersecurity threatscape for 2016

Davey Winder Research Cloud, Cybersecurity, DDoS, Malware, Ransomware, Threatscape 0

If you want to get a real-world handle on how the cybersecurity threatscape is being shaped, and therefore understand both threat evolution patterns and the best methods to mitigate against the resulting attacks, quarterly research reports are your best bet.

Research reveals Android device security lacks update inertia

Davey Winder Research Android, Patch, Smartphone, Update 0

University of Cambridge researchers found, “on average 87.7% of Android devices are exposed to at least one of 11 known critical vulnerabilities.”

Steganography: the art of concealment

Davey Winder Research Concealment, exploit, Malware, Steganography, Tor, Trojan 0

Last year security vendor AVG researchers discovered that a popular banking Trojan, a Vawtrak variant, was using steganography as a method of obfuscating update files.

Malvertising, ad blockers, revenue streams and you

Davey Winder Research exploit, Malvertising, Malware, payload, Vulnerability 0

Just as malware is malicious software, so we have malvertising, which is malicious advertising. Unlike malware though, malvertising can literally eat away at your revenue stream if you are an online content provider.

Google Nexus 6P security teardown

Davey Winder Research Android, Apple, apps, exploit, Fingerprint scanner, Mobile, Nexus 6P, Smartphone, Vulnerability 4

The Google Nexus 6P has finally started shipping in the UK, and here at IT Security Thing we have got our hands on one to do a Google Nexus 6P security teardown.