Author: Professor John Walker

This is my one hundredth Article for those nice people at Information Security Buzz (hence the title), and whilst I was pondering on which topic to write on next, along came a subject falling directly into my lap in the form of a blatant scam – followed by others – which I felt was of high value for purpose of security awareness educational value to share with our community, but above all the great unwashed public at large – please read on: Over the years, I seem to have gathered so much stuff, which is now unused and unwanted, and…

For about a decade now, I have both practiced and taught, what has, up to 2022, seemingly been considered a Grey Art – that of Open-Source Intelligence (OSINT), and its related methodologies in the UK, the UAE, Pakistan, India, and the Far East for Commercials, Industrials, Government, Police Authorities, and Military Agencies, and in that period, I have evolved a very powerful OSINT toolset. However, the world is changing, and as such we continually need to apply the life-long approach of CPD (Continuous Professional Development), and of course the continued evolution of our toolsets to keep tuned to the new…

As many readers of Information Security Buzz articles may already be aware, I have had published two articles about ‘Trust’ in relation to Russian applications, and as such I have set on a personal course to remove all links with such companies, relinquished partnerships, and have removed all said applications of origin from all my devices – that is, all except for one stubborn little piece of software! The Technical Challenges Having arrived at the juncture to run the final removal of such applications, I hit a very interesting, concerning situation in which said application not only refused to be…

The sad kinetic situation of the Russian war in Ukraine has created much instability on the world stage – observing the fallout of human tragedies and loss of life – facts we are all very much aware of and tuned into from the daily reports from the media. However, there are several unknown unknowns, of which those outside of the world of Cyber, OSINT, and Research may not be unaware of – the members of the unindoctrinated public. But before we can look at the overall logical implications, we may all face as we enter the new era of the…

The National Cyber Security Centre (NCSC, a part of GCHQ) has warned UK organisations and consumers to consider the risk of using Russian technologies amid the ongoing war in Ukraine, and the change in attitude of the Russian Leadership toward the West. The NCSC went on to add comment that Russian firms may be compelled by law to comply with the country’s Federal Security Service (FSB) – although there is no evidence that this has occurred yet – however, it is yet another tool in the toolbox of Russian Hybrid Warfare, so take note. In several articles which have been…

What has become so obvious during the sad events unfolding in Ukraine is the power of OSINT, discovering the facts through available multiple sources of verifiable intelligence – ranging from social-media titbits, images, news items, and other sources of intelligence born out of Flight Tracking applications, through to MetaData, and EXIF data extracts. For example, at Fig 1 is a display of the flight path of Military Aircraft which are clearly supporting the missions to defend those impacted by the illegal war of the Power Mad, warped Russian leader, Putin. Fig 1 – Aircraft Tracking – Here US Airforce Boeing…

The year was 1993 when I attended the Third Virus Bulleting Conference in Amsterdam, held at the Grand Hotel Krasnapolsky where I presented my first ever paper, on the subject of defeating Anti-Virus by means of encapsulation of malicious payload – My session was the second PM of the day, and as the hall filled up with just about every seat taken, my nerves kicked in – what should have been 45 minutes of presentation time was completed in just 30 – See URL below: https://www.virusbulletin.com/uploads/pdf/conference/vb93/VB93report.pdf Why this event precludes this article is, in Amsterdam I happened to sit in on…

On the 23 of February 2022, I am presenting a webinar to an international audience titled, ‘Don’t look back in anger look forward and predict the unknown’ on the subject of, what for many today would seem to be still considered a Dark Art – subject OSINT (Open-Source Intelligence). In this webinar we will explore both positive, and negatives of the specific methodologies which may be applied to fulfil both good, and evil purpose, and will delve into how OSINT may be used by the aggressors to footprint a target pre-attack to identify any weak-points which may be analysed, and…

Prior to the Christmas festivities, I got may hands on a pair of the latest encrypted key solution to come out of the iStorage stable – enter the DATASHUR SD, supplied with a pair of iStorage branded 128 GB, and a 256 GB SDXC cards. Thus, I subjected said items to a review and evaluation over the holiday period – but first, how do I know the supplier? I first became aware of iStorage when I was commissioned to assist them go through the NCSC (GCHQ) independents security evaluation process, with the objective to have a selection of their products…

Introduction This paper will consider the areas surrounding Data Security and look at the multiples of ways in which it may be breached, altered, or compromised, some of which may be obvious, others not so. We will explore this topic based on the security four table legs of CIA+A: Confidentiality, Integrity, Availability, and Accountability We will however be concentrating on the areas of Confidentiality and Integrity in relation to the stored data objects (Information). However, at this juncture we must stress that where a mitigation relates to encrypting localised on-board, or attached media, we must keep in mind that this…