We Buy and Sell: The Public Advertisement of Zero-Day Exploits

By Max Smeets Zero-day exploits expose a previously unknown vulnerability. They can be especially powerful for gaining access to computer systems or escalating privileges within the system. Zero-day exploit brokers often publicly advertise what they pay out to developers for their new vulnerability discoveries. You can find detailed price lists online that tell you exactlyContinue reading “We Buy and Sell: The Public Advertisement of Zero-Day Exploits”

Offensive Cyber Beyond the Usual Suspects

The world’s attention remains focused on Russia’s invasion of Ukraine. Since the start of the conflict, cybersecurity experts and scholars have engaged in a heated debate over the perceived success and failure of cyber operations. Major crises such as this have also resurfaced questions around the role, form, tactics, and narratives that configure what offensiveContinue reading “Offensive Cyber Beyond the Usual Suspects”

Making the Concept of Violence Central to the Study of Offensive Cyber Operations

Dr Florian J Egloff, Dr James Shires Cyberspace is everywhere. It is so prevalent that the concept has started to lose its functional utility – and, as the recent Facebook rebrand demonstrates, big tech companies still want to make cyber interactions even more seamless and attractive. For the majority of the world’s population with accessContinue reading “Making the Concept of Violence Central to the Study of Offensive Cyber Operations”

To the Frontline and Beyond: How Ransomware’s Operational Details Can Inform Policy and Strategy

Dr Jamie Collier Mentioned just once in the UK Government’s Integrated Review, recent events highlight that ransomware is undoubtedly a crucial matter of national security. As Ciaran Martin has already discussed in The Alert, ransomware has recently disrupted oil and meat supplies, education infrastructure, and healthcare operations during a global pandemic. Offensive cyber might beContinue reading “To the Frontline and Beyond: How Ransomware’s Operational Details Can Inform Policy and Strategy”

Balancing on the rail – considering responsibility and restraint in the July 2021 Iran railways incident

JD Work [1], [2] An intrusion against a railway network, resulting in destructive effects leading to disruption of cargo and passenger transportation, would in previous decades likely have been considered a major strategic attack. Early writings on cyber warfare posited such actions only in theory, within the context of adapting ideas of other long-range strikeContinue reading “Balancing on the rail – considering responsibility and restraint in the July 2021 Iran railways incident”