The Tiberium blog

Recent events, threats, and all things cyber


Welcome To The Future 

Learn the lessons of the past

Welcome to our first blog of this year, slightly delayed by the dreaded CV-19. In this missive, we will have a look at what is going on at the start of the year, summarise some of the big-ticket cyber security issues of last year and be bold enough to …


You’ll Log 

Logging around the Christmas week

Unless you have been attending too many Christmas lunches, dinners, drinks parties (like our fantastic ‘Friends Of Tiberium’ new office opening event), you will have seen the news that yet another piece of open source code running on Unix servers has been discovered to contain a critical bug which ‘could …


The Number Of The Beast

777 cyber incidents supported by the UK NCSC in the past 12 months

Last week the UK National Cyber Security Centre (NCSC, part of GCHQ) released its annual review and very interesting reading it makes. With every passing year, the ‘hands on’ services of the NCSC increasingly support both the public and private sectors, announcing that this …


Pegasus

No Hippo-cracy evident in WhatsApp versus NSO court case

We have all heard about the infamous Israeli cyber security software company NSO Group whose most infamous work is the mobile device spying software Pegasus. According to NSO, Pegasus software is allegedly only sold to “licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime.” …


Diamond Life – Smooth Operator

Diamonds are a geek’s best friend

You will no doubt have heard about the Russian ransomware gang called Conti (or something like that) which has spent the last year ransoming critical national infrastructure and national health services including the Irish Health and Safety Executive (HSE). Following a meeting between POTUS Biden and Vlad, where it is reported that …


Chapter 2: Classifying domains through string entropy

Introduction

This is the second blog in the ‘Classifying Malicious Domains’ series, which aims to give insight into how we at Tiberium use our knowledge of attackers’ techniques, tactics, and procedures to detect attacks before they occur. Today we’re going to talk about ‘dodgy’ looking domains – that is, a domain that looks more like a plate of alphabet soup than a bona fide website.

An early tl;dr …


Chain Gang

Microsoft has identified (more) Nation-State supply chain attacks

We all know about supply chain attacks, the most recent example being the SolarWinds/FireEye debacle in which third parties, outed as the Russian state-sponsored APT-29 group (also called Nobelium) by none other than the FBI and associated American Government departments (they have so many, it’s too confusing). The long and short of these …


Games Without Frontiers

How will SASE, SOAR, Zero Trust and SIEM technologies shake out?

If you have been reading this blog regularly, read our note on, or visited Microsoft, Cisco etc. conferences you will be aware of the terms Zero Trust, SASE, SOAR and SIEM. In this blog, we explain (in summary, trying not to fall asleep) what …


Everything’s Gonna Be Alright

At least if you get patching

The start of Autumn is always a quiet time for us Cyber bloggers. Presumably having taken time off over the summer to rest and recuperate on their islands with flip-top Volcano lairs or Yachts with a submarine, plane and another boat inside them, we think that this must be planning …
