The Tiberium blog

Recent events, threats, and all things cyber

Tiberium blog - farmer in the dell title image

The Farmer In The Dell

Way back in the midsts of time (December 2020), numerous, very severe issues in some Dell Windows drivers were reported proactively by the good people at Sentinel labs and perhaps other parties, so far nameless. On what is cheesily called ‘Star Wars Day’ (04/05 or May the fourth, be yawningly with you), Sentinel disclosed these … Read more

on

Don’t Pay The Ransom

Ransom has been a thing since, probably, the invention of rope. It is certainly referred to in The Holy Bible. In the Old Testament, it referred to as payment of some sort to release someone, and in the New Testament, it refers to “Christ’s gift of Himself as a ransom for many”.

No such thing as an original sin. A notion that is continuously being challenged in the cyberspace.

To get some perspective, the largest ransom ever paid for the release of a person (according to the Guinness Book Of Records) was $1.5 Billion in 1533 for Atahualpa, Emperor Of The Incas.

on
Cool for cats banner - Tiberium blog

Cool for Cats

Dig if you will the picture. Way way back in October 2016, the British Signal Intelligence (and much more besides) operation GCHQ gave birth to an industry facing computer security advisory outfit; The National Cyber Security Centre, NCSC.

on
Blog header - Back in the USSR. Exchange patches, the fallout continues

Back in the USSR

Well, at least ten Russian diplomats will be expelled by the Biden administration in retaliation for interference in American elections and cyber attacks, including the SolarWinds hack that both the USA and #UsToo soon to be ‘England’ currently known as The United Kingdom. The SolarWinds gig has now been firmly placed in the paws of … Read more

on
Name and number blog header

Name and Number

The Third Geneva Convention is relative to prisoners of war; we have all seen the films. Unsurprisingly modified in 1949, it defines humanitarian protections for prisoners. According to the convention, a prisoner must give the following: surname, first names and rank, date of birth, and army, regimental, personal or serial number. The convention precludes the use … Read more

on
Return-To-Sender

Return To Sender

It is looking more and more likely that a significant proportion of the workforce may be returning to some kind of office (at least in the UK) soon.

on
School's our before summer

School’s out before summer

It’s not all about making zee monies (whilst providing excellent customer service, value and security outcome, obvs) at Tiberium HQ. As it happens, ‘What’s that coming over the hill’ was written and performed by ‘The Automatic’ who are from Cardiff, so in their case, what might be coming over the hill is something to be … Read more

on
Let me in blog post image

Let Me In

Let Me In This week, Facebook announced the extension of support for ‘physical security keys’, previously only supported on desktops, to Android and iOS devices We have been reading about the rise and rise of hardware tokens for years, ever since they took a back seat in the enterprise in favour of software tokens (a … Read more

on

DearCry Automated Action

Follow on from our last blog post, where we covered off proof of concept code for the HAFNIUM linked Exchange server intrusions. We are now diving deeper into DearCry, a new strain of ransomware that several threat actor groups are deploying.

on