-
Facebook helps you determine whether emails really came from its servers
There are many good reasons to criticize Facebook for its collection of our personal data, but the company also deserves credit for being at the forefront when it comes to online security. The company has long had a generous bug bounty program, can send PGP-encrypted notifications, and has even set up a .onion version…
-
VB2017 videos on attacks against Ukraine
(In)security is a global problem that affects every country in the world, but in recent years, none has been as badly hit as Ukraine. The most well-known malware that affected the country is (Not)Petya, a ransomware/wiper threat that had global impact (it cost shipping firm Maersk alone $300m in lost revenues), but which…
-
Vulnerability disclosure and botnet takedown not to be hindered by Wassenaar Arrangement
I have never been too keen on making comparisons between (advanced) cyber attacks and conventional war, as such comparisons tend to ignore the enormous human cost that comes with wars. That said, digital weapons do play an important role in global conflicts, military or otherwise, and thus it makes sense for them to be covered…
-
VB2017 paper: Nine circles of Cerber
Earlier this week, we published the video of a VB2017 presentation on the Spora ransomware. Spora is hardly alone in this prominent threat type though, and one of the other major names in the world of ransomware is Cerber, which operates a successful affiliate scheme, making it ‘The McDonald’s of the underworld’. Last year, Check…
-
Attack on Fox-IT shows how a DNS hijack can break multiple layers of security
Every company will, sooner or later, get hacked and we should judge them by how they respond. With that in mind, Fox-IT, which writes in great detail about how a DNS hijack was used to man-in-the-middle its customer portal, should be judged favourably. The company’s report on the incident also provides some important lessons,…
-
Throwback Thursday: BGP – from route hijacking to RPKI: how vulnerable is the Internet?
Yesterday, a ‘mysterious event’ involving BGP, the Internet’s border gateway protocol, led to the traffic to many popular websites being routed for around six minutes. BGP hijacks – the Internet equivalent of changing traffic direction signs – are not very common but occur more often than one would expect for a technology that is…