Author: Peter Bassill
Date: September 12, 2020
Ingredients Favourite rub Olive Oil Red Pepper Flakes Russet Potatoes Sweet Onion Preparation Wash a few russet potatoes and slice lengthwise into wedges. Pile onto a piece of aluminum foil large enough to wrap them up. Sprinkle with Rub. Dice a small onion and add this to the pile as well. Sprinkle some crushed red […]
Author: Peter Bassill
Date: July 23, 2020
A post from my “In the Darkened Room” series, a personal look at cheap penetration testing and why it might, or might not, be a good idea. As the owner of a penetration testing company I receive, almost daily, requests to “sharpen my pencil” or “give me your best price”. When I started back in […]
Author: Peter Bassill
Date: July 23, 2020
Very soon, sometime around mid-September 2020, we will be making the road trip of a lifetime. We are moving our lives from the UK to southern Spain. What better way to do that than in a trusty VW Caravelle? Well ok, it is a VW Multivan that I purchased from a chap in Germany. Built […]
Author: Peter Bassill
Date: July 19, 2020
Fun stats & facts of 6 months of security consulting in the gig economy. The most common request is to “pentest” a platform or application that does not belong to the requester. The second most common request is to write up papers for the requester’s security degree or high school course. Over the six months […]
Author: Peter Bassill
Date: May 23, 2020
Categories: Attacks, CISO
Last week saw yet another company hit by the hacking group Maze. It seems that every week the group are announcing more victims. “The Maze ransomware was discovered on May 29th 2019 by Jerome Segura. Maze is a complex piece of malware that uses some tricks to frustrate analysis right from the beginning. The malware […]
Author: Peter Bassill
Date: April 3, 2020
IMPORTANT This post is written for those who need or have to use Zoom. It is written to help those people use Zoom safely. If you are in the Cyber Security Industry and you wish to comment on why you should use X or why China is the enemy, this is not the place. Please make a post of your own […]
Author: Peter Bassill
Date: April 2, 2020
Looking back, it came as no surprise that last week took a toll on me mentally, and I had a bad day. It is now Saturday morning, it’s 5 am, and as I am up (babies are awake and playing), I thought I would pen this little article so that it might bring help to someone else. This is […]
Author: Peter Bassill
Date: April 2, 2020
Remote working considerations for the current pandemic situation. We all need to be taking remote working considerations. While adjusting the work paradigm, it is vital to keep a mind’s eye on the security and safety of the business’s information assets. 4 Remote Working Considerations There are four things to really take into account. Remote working is often perceived as a security risk but done well; […]
Author: Peter Bassill
Date: March 22, 2020
Categories: CISO, Lessons
With the current pandemic situation, we all need to be taking remote working considerations. While adjusting the work paradigm, it is vital to keep a mind’s eye on the security and safety of the business’s information assets. What should business leaders be considering while they complete a rapid deployment of remote working? There are four things […]
Author: Peter Bassill
Date: October 6, 2019
It has been a long two weeks and there is a lot to document, but I am taking a few minutes out to have a quick word about passwords. First let’s just set out the definition of a password. A password is a basic security mechanism that consists of a secret passphrase created using alphabetic, numeric, alphanumeric and symbolic characters, or a combination. […]
Author: Peter Bassill
Date: July 10, 2019
IT DOES NOT MATTER HOW SECURE YOU ARE, IF YOU USE SERVER 2008 Hello folks and welcome to the fourth mini paper in my series “from the darkened room”. This mini paper is looking at what actually goes into the reconnaissance part of a penetration test here at Hedgehog, and how the recon phase alone meant game over on a test. […]
Author: Peter Bassill
Date: July 3, 2019
The second post in my series from the darkened room; sometimes I walk away. This engagement was a pure web application penetration test. The new client was an online retailer and the story starts and ends at the pre-test phase. They contacted us to perform a web app penetration test against a single URL. They initially wanted to spend no more than two days on the […]
Author: Peter Bassill
Date: July 2, 2019
ADVANCED PENETRATION TESTING – WHEN THE WORLD CRASHES DOWN Can a seasoned security professional beat the world’s best security software and mitigation? This job certainly found out. It also demonstrated well the difference between a vulnerability scan and a penetration test. The client had spent three years relying on a “market leading” vulnerability scanner to identify all their security weaknesses. What it didn’t spot was, well, all their […]
Author: Peter Bassill
Date: December 23, 2018
A few days ago I decided to write a regular monthly piece on mental health in racing and Cyber Security. Before I do that though, I thought I would give you all a bit of background on why I became a trustee. In motorsport we are blessed with a massive number of volunteers. Without them […]
Author: Peter Bassill
Date: December 3, 2018
Categories: Attacks, Lessons
I say it often, and I mean it every time. Be careful what you click on. Ok, so how the heck did my card details get stolen and used for online gambling? It was a Wednesday morning. Up early as ever and had a need to buy some trophies for our charity hill climb event […]
Author: Peter Bassill
Date: June 12, 2018
Hey, didn’t I write something like this last year? Well, yes, I sure did. Originally this piece was titled “So you want to be a pentester” and was written because I get asked a lot by people society sees as fringe humans how to get into the coolest and best industry in the world. Please […]
Author: Peter Bassill
Date: October 18, 2017
The KRACK Attack Details were released publicly on the morning of Monday 16th October 2017 (see https://www.krackattacks.com/ ) of a newly-discovered and serious vulnerability in the WPA wireless network security protocol. This exploitable flaw has been dubbed the KRACK Attack (Key Reinstallation Attack). Since the vulnerability disclosure our researchers, Matthew Bowers and Peter Bassill have been researching […]
Author: Peter Bassill
Date: September 12, 2017
2016 was a black year in the calendar of data breaches. With countless websites and applications being breached, users’ details were made available online. Of the reported and published breaches, over 1.167 billion users’ details were leaked. Over halfway through 2017 and that figure is close once again. Each year the UK government surveys the […]
Author: Peter Bassill
Date: June 29, 2017
Categories: Attacks, CISO
Over the past weeks there have been a number of interesting articles on cyber attacks on commercial vessels. Many contain very little detail. All of these stem from the recent cyber attacks which have, understandably, got people a little worried. These recent cyber attacks are, as I and others have been trying to tell people, […]
Author: Peter Bassill
Date: March 12, 2017
Acting as Chief Information Security Officer for a number of firms can be fun and stressful. Regardless, my 5 ways of staying secure don’t change much. Here they are: Don’t publicly punish people for getting it wrong, publicly praise them for getting it right. Get systems in line with Cyber Essentials Plus, done properly it […]
Author: Peter Bassill
Date: January 30, 2017
Over the past months I have been thinking a lot about the best way for the SME to get secured. So a great starting point is a few “x Steps” articles, little things that can help the SME, and big business, be secure. Passwords How many times have you heard people say “use a different password […]
Author: Peter Bassill
Date: January 24, 2017
Every year most businesses go through some form of penetration test and typically within a few minutes of being on site I can make a reasonably good prediction as to what I will find. So I thought why not create a quick post on Top 5 Ways to Annoy a Pentester. Very useful to all those […]
Author: Peter Bassill
Date: January 15, 2017
Every morning my first job of the day over a nice cup of coldbrew coffee is to go through the emails received overnight. Occasionally I find a gem in the midst of the noise received from the internets. This morning I received the following email in the Security Operations mailbox: A spotting the spelling […]
Author: Peter Bassill
Date: October 31, 2016
Categories: Attacks, Lessons
For a long time I have been advising clients, friends and the business community on how to avoid falling for phishing attacks. Even the banks have got in on the act now with some rather good TV ads. Nevertheless, phishing attacks work, especially when done well. Last week I received this: The Baited […]
Author: Peter Bassill
Date: August 15, 2016
SPG, that magical use on everything rub. The simplest in the world: 4 parts coarse ground sea salt 2 parts garlic granules (don’t use anything other than granules) 1 part coarse ground pepper
Author: Peter Bassill
Date: August 8, 2016
Ingredients Butter Drizzle of olive oil Pinch of parsley Chopped Tomato Your favourite steak rub 1 Ribeye steak, 1 inch thick 1 Onion, sliced thin Method Season steak with your favourite rub for an hour. In a small bowl, mix some butter and 1 teaspoon of your favourite rub. Transfer butter/rub mix to a sheet of […]
Author: Peter Bassill
Date: August 4, 2016
The hottest of hot sauces Habanero Peppers – 40 Serrano Chili Peppers – 4 Jalapenos – 3 Garlic Cloves – 10 whole Vinegar Distilled – 1 cup Water – 1 cup Olive Oil – 3.4 Tablespoons Lemon Juice – ½ cup Molasses – 2 Tablespoons Smoked Paprika – 1 Tablespoon Kosher Salt – 1 teaspoon […]
Author: Peter Bassill
Date: August 2, 2016
Ingredients 3 tablespoons vegetable oil 1 teaspoon minced garlic 1 1/2 cups of finest tomato ketchup 6 tablespoons cider vinegar 1/2 cup water 2 tablespoons Worcestershire sauce 1 teaspoon sweet paprika 1 bay leaf 1/4 teaspoon Tabasco sauce 1/4 teaspoon cayenne pepper 3 tablespoons lemon juice 4 tablespoons butter 3 tablespoons honey Method Heat the vegetable oil in […]
Author: Peter Bassill
Date: August 2, 2016
Ingredients 2 cups vinegar 1 cup olive oil 2/3 cup Worcestershire sauce 1/2 cup water 2 lemons pulped 2 tablespoons of Lester’s mum’s hot sauce 6 crushed bay leaves 2 cloves garlic, smashed or minced 1 tablespoon smoked paprika 1 tablespoon chili powder Method Place all ingredients in a large pot and bring to a boil. Reduce […]
Author: Peter Bassill
Date: August 2, 2016
Ingredients 1 1/2 cups of the finest tomato ketchup 1/2 cup cider vinegar 1/2 cup sugar 1/2 cup water 2 tablespoons Worcestershire sauce 1 tablespoon chili powder 1 teaspoon cumin 1/2 teaspoon cayenne pepper Method Mix together the ketchup, vinegar, sugar, water, Worcestershire sauce, chili powder, cumin and cayenne. Gently bring to a low simmer and then […]
Author: Peter Bassill
Date: July 31, 2016
Not a fan of store bought. So I make my own. Ingredients Potato Diced hard boiled eggs Mayonnaise Mustard Salt Pepper Method Peel and chop potatoes to 1/2 inch cubes. Add the potatoes to a large pot and cover the potatoes with water, bring this to a boil and let the potatoes cook to soften. […]
Author: Peter Bassill
Date: July 31, 2016
I am not a fan of store bought coleslaw, I find it too greasy and tasteless. Ingredients Chopped cabbage and carrots 1/4 cup mayonnaise 1/4 cup sour cream 1 tablespoon apple cider vinegar 1/2 tablespoon sugar 1 cup blue cheese crumbles a pinch of salt a pinch of pepper Method Mix the mayonnaise, sour cream, apple cider vinegar and sugar […]
Author: Peter Bassill
Date: July 31, 2016
Very simple, easy to make, pulled pork. You really want to take some time, go to a skilled local butcher (avoid those darn supermarkets, the meat isn’t the best). For a typical shoulder, expect a cook time of around 2 hours per pound. Ingredients Pork Shoulder, as big as you like. Method Trim off the […]
Author: Peter Bassill
Date: July 31, 2016
This is my variation on a Texan bbq rub. It is great on chicken and pork. Ingredients ¼ cup light brown sugar 1 tbsp smoked paprika 1 tsp ground cayenne pepper 1 tsp chili powder 1 tbsp salt 1 tsp garlic powder 1 tsp onion powder 1/2 tsp ground black pepper Method Mix all together and store in your rub shaker.
Author: Peter Bassill
Date: July 31, 2016
Ingredients ½ cup brown sugar ½ cup paprika 1 tablespoon black pepper 1 tablespoon salt 1 tablespoon chili powder 1 tablespoon garlic powder 1 tablespoon onion powder 1 teaspoon cayenne pepper Method Put it all in a bowl, mix very well, then store in your rub shaker.
Author: Peter Bassill
Date: June 17, 2015
1 cup coarse salt 1 cup coarse pepper That’s all she wrote folks.
Author: Peter Bassill
Date: August 2, 2014
My preferred brisket rub Ingredients 5 tablespoons paprika 3 tablespoons salt 2 tablespoons garlic powder 2 tablespoons onion powder 1 tablespoon black pepper 1 tablespoon dried parsley 2 teaspoons cayenne pepper 2 teaspoons ground cumin 1 teaspoon ground coriander 1 teaspoon dried oregano 1/4 teaspoon hot chili powder 1/2 cup brown sugar Method Mix together and store in […]
Author: Peter Bassill
Date: January 1, 1996
Author: Peter Bassill
Date: January 1, 1996
A quick and simple backup script. The source of this is from Voorburg here: https://voorburg.home.xs4all.nl/backup.html
Author: Peter Bassill
Date: January 1, 1996
A quick shell script to auto-connect openvpn to your VPN. You just need to ensure that your autologin configured .ovpn file is saved in /etc/openvpn and rename replaceme.ovpn in the script to the name of your config file.
Author: Peter Bassill
Date: January 1, 1996
A short script to deploy hardened Apache2 on Ubuntu 18.04 LTS
Author: Peter Bassill
Date: January 1, 1996
A short script to harden SSH
Author: Peter Bassill
Date: January 1, 1996
Short script to output the state of a system.
Author: Peter Bassill
Date: January 1, 1996
A short script to install OpenVAS on Ubuntu 18.04 LTS.