• Hacker's Corner

    The Personal Musings & Opinions About All Things Cybersecurity From A White-Hat Hacker

  • Daniel Smith

    Security Researcher


    Daniel Smith is an information security researcher for Radware's Emergency Response Team. As a white-hat hacker, his expertise in tools and techniques helps Radware develop signatures and mitigation attacks proactively for its customers. He focuses on security research and risk analysis for network and application based vulnerabilities. Daniel’s research focuses in on Denial-of-Service attacks and includes analysis of malware and botnets.

    Read Daniel's Research
     
  •  Cybersecurity is the proverbial game of whack-a-mole. With categorical alterations to tactics, techniques and procedures, nobody knows exactly what the future holds, but indicators from yesterday and today allow us to foretell what we can expect tomorrow."

  • Cyber Threat Intelligence

    Cyber threat intelligence is based on the collection of data from multiple sources for research and analyzing threats so that organizations can be prepared to identify and mitigate cyberattacks. This means collecting and researching data associated with criminal organizations and hacktivist to create actionable insight.

    New Threats Targeting Oil and Gas

    Last year, US-CERT issued a technical alert that was a result of a joint effort between the Department of Homeland Security and the Federal Bureau of Investigation. This alert highlighted a growing threat from the Russian government and its actions against several industries, including the energy sector.

    CVE-2019-0708 (BlueKeep)

    Patch Tuesday is an unofficial term used to refer to Microsoft’s regular release of security updates for its products. On May 14, 2019, Patch Tuesday included 79 vulnerabilities in an update from Microsoft. Of the 79 vulnerabilities, 22 of them were labeled as critical, four of those being remote code execution attacks.

    MSP Attacks

    Over the last two years, managed service providers (MSPs) have experienced first-hand the growing trend in supply chain attacks. In April 2017, amid growing tensions between the United States and China, US-CERT issued an alert detailing an emerging threat impacting service providers across multiple sectors.

    Target Intelligence

    At the beginning of May 2019, Cybersecurity firm AdvIntel published a blog  about a high-profile Russian hacking collective, Fxmsp, claiming to have breached three major anti-virus companies located in the United States. Following the publication both Ars Technica  and Bleeping Computer  picked up the story and provided updates about this ongoing event.

    Understanding the Darknet and Its Impact on Cybersecurity

    This piece explains how the darknet has refined the art of hacking, and in the process, how it has dramatically expanded the threat landscape that organizations now face.

    OpIcarus: A Success or Failure

    Over the years, I have tracked a number of Anonymous operations. I like to consider myself a historian of sorts, but recently it seems that everyone is intentionally forgetting the past so they can reshape the future to fit their agenda. To add to the confusion there are a number of outlets who are unable to verify threat actors and their activity from just a few years ago. Let’s clear up a few things about OpIcarus.