• Hacker's Corner

    The Personal Musings & Opinions About All Things Cybersecurity From A White-Hat Hacker

  • Daniel Smith

    Security Researcher

    Daniel Smith is an information security researcher for Radware's Emergency Response Team. As a white-hat hacker, his expertise in tools and techniques helps Radware develop signatures and mitigation attacks proactively for its customers. He focuses on security research and risk analysis for network and application based vulnerabilities. Daniel’s research focuses in on Denial-of-Service attacks and includes analysis of malware and botnets.

    Read Daniel's Research
  •  Cybersecurity is the proverbial game of whack-a-mole. With categorical alterations to tactics, techniques and procedures, nobody knows exactly what the future holds, but indicators from yesterday and today allow us to foretell what we can expect tomorrow."

  • Tactics, Techniques and Procedures

    The cybersecurity threat landscape continues to grow as the attacks and evasion maneuvers of threat actors makes the task of detecting and tracking cyberattacks increasingly challenging.

    Reboot: The Return of the Stresser Industry

    At the beginning of 2018, things looked as if they were about to snowball out of control. It seemed every week there was a new critical vulnerability affecting an IoT device or enterprise solution, which was quickly followed by a newly disco

    Cyber Threat Intelligence

    Cyber threat intelligence is based on the collection of data from multiple sources for research and analyzing threats so that organizations can be prepared to identify and mitigate cyberattacks. This means collecting and researching data associated with criminal organizations and hacktivist to create actionable insight.

    New Threats Targeting Oil and Gas

    Last year, US-CERT issued a technical alert that was a result of a joint effort between the Department of Homeland Security and the Federal Bureau of Investigation. This alert highlighted a growing threat from the Russian government and its actions against several industries, including the energy sector.

    CVE-2019-0708 (BlueKeep)

    Patch Tuesday is an unofficial term used to refer to Microsoft’s regular release of security updates for its products. On May 14, 2019, Patch Tuesday included 79 vulnerabilities in an update from Microsoft. Of the 79 vulnerabilities, 22 of them were labeled as critical, four of those being remote code execution attacks.

    MSP Attacks

    Over the last two years, managed service providers (MSPs) have experienced first-hand the growing trend in supply chain attacks. In April 2017, amid growing tensions between the United States and China, US-CERT issued an alert detailing an emerging threat impacting service providers across multiple sectors.

    Target Intelligence

    At the beginning of May 2019, Cybersecurity firm AdvIntel published a blog  about a high-profile Russian hacking collective, Fxmsp, claiming to have breached three major anti-virus companies located in the United States. Following the publication both Ars Technica  and Bleeping Computer  picked up the story and provided updates about this ongoing event.