This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Information Security

Everything I’ve learned about IT security, recent incidents and people in the space.

2 - Applications

Security properties and analyses of specific applications

Threema

Cryptanalysis uncovering 7 attacks from 3 different vectors

Attack models employed:

  • Network Attacker
  • Compromised Server
  • Compelled Access

3 - Attacks

Everything about attack vectors

Phishing & Spear Phishing

Malware

Vulnerabilities

Unsecured Networks

Application Attacks

SQL Injection

Cross-Site Scripting (XSS)

Remote Code Execution (RCE)

Cross-Site Request Forgery (CSRF)

Sub-domain Takeover

https://developer.mozilla.org/en-US/docs/Web/Security/Subdomain_takeovers

Impacts

  1. Browser can be polluted using a cookie bomb, leading to any web page at the domain being unavailable.

4 - Incidents

Interesting and recent IT security incidents

SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft

February 28, 2023

The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL, that resulted in stolen proprietary data.

[…]

This attack was more sophisticated than most, as it started from a compromised Kubernetes container and spread to the victim’s AWS account. The attackers also had knowledge of AWS cloud mechanics, such as Elastic Compute Cloud (EC2) roles, Lambda serverless functions, and Terraform.

Attack on German Schools in Karlsruhe

February 14, 2023

As a mitigation the IT systems of the affected schools had to be shut down completely.

VMware ‘ESXiArgs’ Ransomware Attack

February 6, 2023

Reddit Phishing Attack

February 5, 2023

https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/

6 - Media

Interesting articles, blog posts, podcast episodes etc.

7 - People

Notable people in the infosec community

General Security

Cryptography