Interview with DIGIT

Interview with DIGIT

Social engineering and social media risks Here’s a link to an interview with DIGIT who organise the excellent Scot-Secure event in Edinburgh (among many other things).It focuses on social engineering in the context of social media reconnaissance, manipulation...
Can I borrow your swipecard?

Can I borrow your swipecard?

This case involves an accountancy firm based in South East England.  The firm had just lost a big client and as a result had to make some cuts which included letting a few members of staff go.   Jamie had been one of these staff members.  He was disgruntled to...
Can I borrow your swipecard?

Stay calm and (don’t) pay the hackers

This social engineering case study highlights how attackers can use curiosity, urgency and fear to manipulate victims into breaking company protocols and get a finance employee to willingly transfer £152,000 into the attackers bank account. Miranda worked in Finance...
Can I borrow your swipecard?

The enthusiastic law student

This case involves a law firm based in the south of England.  The firm was of a reasonable size and, like most law firms, held a lot of very sensitive customer data. One morning one of the solicitors received a Facebook message purporting to be from a young law...
Criminal Justice Evolution podcast

Criminal Justice Evolution podcast

Patrick Fitzgibbons was kind enough to invite me on to his US based Criminal Justice Evolution podcast.  We talked about the social engineering threats facing businesses worldwide, how cyber-crime is evolving and the difficulty law enforcement faces when tracking down...
The not-so-secret life of boarding passes

The not-so-secret life of boarding passes

Have you ever thought about what your boarding pass might say about you? I don’t mean “oh look at me, I’m flying in Emirates Business Class”, but what data you might be leaking publicly on that anachronistic piece of paper you discard in the seat in front of you....
The Prisoners Dilemma and Intelligence sharing

The Prisoners Dilemma and Intelligence sharing

Cybercrime is increasing year on year. The 2017 cyber breaches survey shows that almost half of UK firms have been hit by cyber breach or attack in the past year. Yet for private companies there appears to be a severe reluctance to share cyber intelligence and...
Equifax Leak

Equifax Leak

In the latest in a truly blockbuster year for data leaks, American credit reporting company Equifax has announced the loss of highly sensitive data belonging to 143 million Americans. Nearly half the population of the US are thought to be effected. There have been...