Source: DeviantArt (Streamweb)


Have you noticed recently that the number of API breaches seem to be rising, not ebbing? You’re not alone. As a matter of fact, the number of API breaches have been going up exponentially and it’s only getting worse as we move into 2021.

In part 1 of our series, I introduced my mHealth app and API vulnerability research and unveiled the trailer for this research.

In this part, I walk you through configuring your tools and performing the techniques I use in targeting and exploiting mHealth apps and APIs in my research campaign and unveil some of the…


Are you being kept up at night wondering just how secure your company’s mobile health (mHealth) APIs really are? You aren’t alone. And after the research I’ve conducted on mHealth APIs, you very well should be. If you aren’t, you will be.

The number of mHealth companies have more than doubled in the past two years and with COVID-19, the protracting work-from-home economy is rewriting workplace norms that have been in place since the first industrial revolution. The court of public opinion on the future of retail shopping, banking, and healthcare in our new mobile-first world has delivered their…

Photo by Matthew Zicopula during the Tanium documentary filming


A rogue base station (also called a dirt box or rogue BTS) is the use of a software-defined radio (SDR) to create a fake cell tower and a software implementation of a GSM/GPRS radio access network. The software typically used to power rogue BTS’ is YateBTS, which supports GSM850, EGSM900, DCS1800, PCS1900 GSM bands.

The purpose of creating a rogue base station in vulnerability research or penetration testing of cellular-capable IoT devices or embedded systems, such as telematics control units (TCUs) inside connected cars is to force an association of the device talking over GSM to associate to the…

How MITRE Shield has turned cyber deception technology into a business imperative to deny a contested network to adversaries.


Just when you began to fully wrap your head around the MITRE ATT&CK framework, MITRE went and published a brand new framework for you to understand that it’s called MITRE Shield.

Have you seen MITRE Shield mentioned in a recent publication or heard about it in a vendor pitch but were too embarrassed to ask what the heck it was? Don’t understand deception technology and what it’s relevancy to MITRE Shield is? You aren’t alone. …


This article is written for penetration testers wanting to learn how to hack Bluetooth low energy (BLE) smart devices using relay attacks. These attacks can be employed against smart locks to even BLE-powered ignition systems in connected cars. This article goes into technical depth on how to build and configure two Raspberry Pis running Gattacker and explains in detail what relay attacks are, how and why they are effective against BLE, and how BLE differs from Bluetooth.

The Rise of Bluetooth 4.0

Let’s make something abundantly clear, there’s Bluetooth and Bluetooth Low Energy (BLE). Bluetooth was designed for short-range wireless communication (10–100 meters), such as…


This white paper discusses the new generation of data security solutions that addresses the failure of traditional data loss prevention (DLP) solutions to secure sensitive data that in today’s cloud-first and software-as-a-service (SaaS) economy is no longer effective. Data is now mobile and able to move between on-prem networks, cloud workloads, and SaaS providers. The fact of the matter is, network and endpoint DLP solutions have been rendered ineffective since data is no longer intended to stay within the confines of the enterprise’s on-prem network with the dissolution of the network edge.

In a new world of pandemics and an…

The story behind the mass exodus of enterprises from SIEM to Elastic

“It is not the strongest or the most intelligent who will survive, but those who can best manage change.” -Leon C. Megginson

KnighTV Live!: Episode 5: The end of the SIEM Era and Rise of Elastic


In my Ashes to Ashes article, I talked about how the event fatigue problem perpetuated by SIEM solutions requires SOAR to help address the problem, which also expands and improves SecOps, mechanizing and organizing activities previously relied on by the human analyst across all sense and response actions. …

“Abashed the devil stood and felt how awful goodness is and saw Virtue in her shape how lovely: and pined his loss” -John Milton

In a recent penetration test of a large bank, I was able to transfer money to any account and change any customer’s ATM debit card PIN with no authentication through the bank’s API servers the mobile application communicates with. While I was able to successfully reverse engineer the Android app using MobSF, I wasn’t so successful in finding the numerous POST and GET requests the mobile app uses when communicating with the bank. …

The idea here is that small changes — the burgeoning amount of unstructured data being generated in the enterprise, the interminable event fatigue problem created by false positives in security information and event management (SIEM) solutions, and the global talent shortage in cybersecurity that makes finding affordable security operations center (SOC) analysts difficult — are ushering in a big change as the sun begins to set on SIEM technology.

While organizations historically sent device logs, security control events, and operating system and application logs to central log servers or SIEMs that end up eventually slowing the SIEM down due to…

Falling [the play]. Retrieved from on SEP 8, 2019


As of today, no laws or regulations, even the latest version of PCI-DSS, HIPAA, and HITECH, do not make network segmentation or micro-segmentation compulsory to comply with the rule. By making network segmentation discretionary — even when transmitting, processing, or storing regulated data, the number of breaches will continue to rise as companies err on the side of doing less with more.

The purpose of this article is not to explain the contemporary need of network segmentation and micro-segmentation. …

Alissa Knight

Hacker | Cybersecurity Content Creator | Influencer | Published Author

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store