Hello folks and welcome to the fourth mini paper in my series "from the darkened room". This mini paper is looking at what actually goes into the reconnaissance part of a penetration test, and how the recon phase alone meant game over on a test.
I work with a fair few ladies and gents who do bug bounties, and while sitting on the beach during one of our hack on the beach sessions, I posed the question “How friggin evil is clickjacking, PoC or GTFO.” The challenge was set, and here is what we decided.
Well, Kwikfit are being very quiet and keeping the information internal. It does seem that the retail estate have been hit with a form of malware which has rendered the EPOS systems useless. And in today’s non-cash-based economy that is a problem for any retailer.
The majority of penetration tests will invariably reveal passwords of some sort from the user base, especially where that penetration test is done on a Windows network. So, as with last year, we continue our annual review of the state of passwords.
Two months of hard work in evenings and over the weekends came to fruition this week as on Monday we opened the doors to Gibraltar's first ever Cyber Summer Camp. The event was put on for kids from 13 to 17 attending school in Gibraltar.
In 2009, back when I was the Chief Information Security Officer for Gala Coral Group, I wrote that one of the hot topics for many Chief Information Security Officers was reducing the potential for Data Loss.