WKL offers Two Day Training at Hack Red Con 2023 – September 8 & 9, 2023

White Knight Labs is a distinguished participant, leading a training initiative at the esteemed Hack Red Con 2023 in Louisville, Kentucky on September 8 and September 9, 2023. Spearheaded by our renowned cybersecurity experts, Greg Hatcher and John Stigerwalt, the training brings an exceptional fusion of practical experience and theoretical knowledge to the fore. Drawing on White Knight Labs founders’ significant experiences, from Army Special Forces to NSA instruction and leading a CISA red team, the expertise shared will be foundational. Their vast experience and industry insight will be instrumental in an intensive, in-depth exploration of offensive development. Participants can look forward to an interactive engagement with several technologies, such as network, cloud, mobile, web app, and API, with a spotlight on cloud Windows malware development. Dive into this grand opportunity to learn and grow here and find more details about Hack Red Con here. Join us and experience the blend of high-end technical insight with a client-centric approach at its best. Tickets can be purchased here
John Stigerwalt on Why responsible implementation of AI technology is critical

In a thought-provoking article by John Stigerwalt, co-founder of White Knight Labs, published on EDN the critical aspect of responsible AI implementation is examined. Stigerwalt recognizes the growing presence of AI in various aspects of life and addresses significant concerns posed by the Federal Trade Commission (FTC) regarding AI’s accuracy, bias, and discrimination potential. Emphasizing the importance of ethical considerations in AI deployment, Stigerwalt envisions the impact on data privacy and the risk of falling into deceptive ‘dark pattern’ territories. To mitigate these concerns, Stigerwalt suggests stronger FTC enforcement, data protection regulations, enhanced security measures, and transparent AI algorithms. In conclusion, the article urges striking a balance between AI tools and human involvement, without hindering AI’s potential to revolutionize various industries. Through responsible practices in AI implementation, we can continue to innovate and thrive while maintaining trust and ethical integrity.
WKL CEO, Greg Hatcher, Shares Insights on Phishing Scams Targeting Small Business on Social Media in CNBC Article

In a recent CNBC article, Greg Hatcher, CEO of White Knight Labs, illuminates the prevalence and impact of phishing scams targeting small businesses on social media platforms like Meta. Through poignant examples and expert insights, the article highlights the vulnerability small businesses face and the need for proper cyber hygiene. The CNBC article discusses alarming statistics and personal stories that demonstrate an increased risk for small businesses. Most notably, the FBI revealed that nearly $7 billion in losses occurred in 2021 due to cyberattacks primarily targeting small businesses. Hatcher highlights the importance of good cyber hygiene practices, emphasizing the use of strong, lengthy passwords and two-factor authentication. He also sheds light on the unfortunate truth that many social media companies do not prioritize small business security. The article serves as a reminder for small business owners to be proactive with their online security measures and adopt best practices to protect their online presence on platforms such as Instagram, Facebook, and YouTube.
Discussing the Evolution of Cyber Threat Tactics with BetaNews

In a thoughtful Q&A session with BetaNews, with Ian Barker, our CEO, Greg Hatcher, explored the current trends in cyber threats, the role of artificial intelligence in cybersecurity, the importance of proactive government involvement in cyber defense, and much more. Hatcher addressed the rising security concern related to Microsoft’s Azure device codes being used to bypass Multi-Factor Authentication (MFA). He also explained the dangers of file systems like iso files coupled with embedded executables, and the attackers’ transition from using executables to dynamic link libraries (DLLs). Significantly, he examined the implications of Google’s newly created ‘zip’ TLD, which is increasingly being exploited by cybercriminals. Hatcher also recognized the threat that AI tools, like ChatGPT, pose to cybersecurity. He argued that with AI’s capacity to generate custom software without requiring programming knowledge, its potential impact on cybersecurity could be significant, potentially providing cybercriminals with a vast swathe of data hitherto inaccessible. Hatcher expressed the necessity for a more proactive role from governments in cyber defense. He also affirmed that cyber warfare, just as traditional warfare, is critical, and countries ignoring this fact will become increasingly vulnerable. Furthermore, Hatcher hinted at the evolving role of offensive cybersecurity strategies, taking the actions of China and the Biden administration as a case in point. Lastly, Hatcher highlighted the importance of cooperation between government and the private sector in sharing cybersecurity intelligence, drawing parallels with the increased need for intelligence sharing observed post 9/11. This Q&A is a must-read for anyone interested in the current and future state of cybersecurity and the increasingly sophisticated threats faced by businesses today.
What is Web Scraping and where is the Risk?

Unveiling the complexities of web scraping, the latest article by Brooke Betcher titled “What is Web Scraping” on BuiltIn.com is a must-read. Our very own Greg Hatcher, CEO of White Knight Labs, has contributed to the article, leveraging his deep knowledge of cybersecurity. The writeup walks you step-by-step through the core concept of web scraping – a method utilized to extract vast quantities of data from websites. Despite its numerous practical applications, web scraping can pose considerable risks if used for malicious intentions, highlighting the critical importance of cybersecurity measures. Stay ahead of the curve by understanding the potential cybersecurity threats. Utilize the expert insights from industry specialist Greg Hatcher and fortify the security of your data today. Remember, knowledge is power, and in this context, it’s the power to protect your digital domain. For bespoke cybersecurity solutions, don’t hesitate to contact White Knight Labs.
Embracing ChatGPT

In the article “Embracing ChatGPT? Pay Attention To These Cybersecurity Concerns” written by Greg Hatcher, the CEO of White Knight Labs, Hatcher elaborates on the cybersecurity concerns that come with AI platforms like ChatGPT. ChatGPT, despite its beneficial use in generating a variety of written content, is evolving into a significant cybersecurity concern due to its capacity to continuously learn and adapt according to the input that users feed into it. The system’s vulnerability to breaches is profound due to its foundation on open-source software. This allows potential hackers to inspect, modify, and enhance the original code. Despite open-source software’s potential benefits of fostering innovation through collaboration, it also provides an open door for malicious individuals to adapt the code for their dubious intentions. Hatcher cites a data breach at OpenAI as an example of these concerns. Also, ChatGPT poses a threat to data security as AI inevitably stores large amounts of data and could generate threats like biases and inaccuracies due to the user inputs. Another serious concern is the potential exploitation of ChatGPT for the creation of phishing emails. Additionally, ChatGPT and most AI are developing without human supervision, adding to its potential misuse. Mixed with the capabilities of White Knight Labs, it becomes evident how such entities can play a significant role in identifying and remedying these vulnerabilities. As a cybersecurity consultancy that crafts a team of security professionals to aid organizations in identifying security vulnerabilities, White Knight Labs could no doubt assist in the scrutiny and hardening of AI systems like ChatGPT. By deploying a risk-based approach to such AI platforms, White Knight Labs can analyze various attack vectors and help safeguard the integrity and privacy of both organizations and users alike. Services like penetration testing, web application security assessments, and cloud pen testing would be crucial in providing security measures for AI programs and the systems they inhabit. By applying their cybersecurity expertise, White Knight Labs can address and mitigate the security risks associated with such open-source AI systems.
Flipper Zero and 433MHz Hacking – Part 1

What is the Flipper Zero? The Flipper Zero can best be described as a hardware hacking multi-tool. The Flipper Zero is an open-sourced hardware, hand-held device. The ability to explore and access RFID, the 433 Mhz spectrum, GPIO pins, UART, USB, NFC, infrared, and more is self-contained in a portable “to-go” device. What is the 433 MHz spectrum? Different countries set aside different parts of the radio spectrum that may be used by low-power devices (LPD) for license-free radio transmission. UHF 433.050 to 434.790 MHz is set aside in the United States for this purpose. This enables things like garage door openers, home security systems, and other short-range radio-controlled devices to work. In the United States, the Federal Communication Commission (FCC) is the government agency responsible for regulating and enforcing laws around the use of the electromagnetic spectrum. Minus a few exceptions, United States 47 CFR 15.201 defines and requires “intentional radiators” to be certified, and 47 CFR 15.240 outlines requirements for such devices. 433 MHz Recon (T1596, T1592.001) Because “intentional radiators” operating in the 433 – 434 MHz spectrum must be certified, various certification records are publicly available via the FCC’s website. If you look at virtually any electronic device, usually imprinted in plastic or on a label, you will find a string that starts with FCC ID: followed by an ID number. The image on the left shows the FCC ID for a security system’s keypad. The FCC has an online “Equipment Authorization Search” site, making it fairly simple to look up FCC IDs. Click to increase size If you have never used this site before, the dash symbol ( – ) must be prepended to the Product Code, at the time of this writing. If omitted, the search will likely fail. Once the search results load, you will see something like this: Here we can see the application history and the frequency range this device is certified to operate within. Clicking on “Details” presents us with several documents that can be very useful for OSINT/Recon activities. By law, manufacturers are allowed to keep certain details confidential, so it is not unusual to see a “Confidentiality” letter attached to the application. The Confidentiality letter outlines what was withheld and, in this case, it looks like schematics, block diagrams, and operational descriptions were all withheld. The “Internal Photos” is a great resource for providing an overview of what the printed circuit board (PCB) looks like and what (if any) debug taps may exist. It also provides indirect clues on how the device may be assembled and, thus, how it may be disassembled, thereby reducing the risk of “breaking” the device before you get to test it. If you don’t already have it, the “User Manual” can be a great resource. Having the user manual on hand can be very helpful. You can often find default credentials, Admin IP addresses, and other useful things in it. The “test reports” are often a wealth of information. Sometimes we can learn what modulation is being used, in this case Frequency Shift Keying (FSK), as well as the bandwidth and other useful details. In some cases, you may also find FCC IDs for other devices the product may contain (IoT inception). Below is the base station the example keypad connects to. If you are having difficulties locating a chip or component, the test report may contain references, model/part numbers, or other clues to help you out. At this point, it becomes an iterative process of finding the FCC ID, looking it up, going through the documents, and repeating as necessary. Capturing some data! So far, we have done our homework. We have learned this keypad communicates on 433.92, the device uses FSK, and the expected bandwidth will be around 37.074 KHz. Image Credit: https://docs.flipperzero.one/sub-ghz/read The Flipper Zero comes with a frequency analyzer. To access it, go to Main Menu > Sub-GHz > Frequency Analyzer. With the Flipper Zero close to the keypad, perform an action that instantiates a wireless signal. Sure enough, when we test the keypad in the above example, we get a value (+/-) of 433.92. To capture data we need to go to the “Read Raw” menu. Main Menu > Sub-GHz > Read Raw Image Credit: https://docs.flipperzero.one/sub-ghz/read-raw We need to enter the config menu and make sure the Frequency is set to 433.92. The Flipper Zero supports two FSK modes: For now, let’s select FM238 and let’s set the RSSI threshold to -70.0. With the configuration set, we are now ready to capture! When we replay this, the base station responds with an error/warning “Wireless Interference Detected.” The device will likely use some checks to prevent direct replay attacks. A common method is to use rolling codes. In the next chapter, we will dive more into how we can decode and begin to make sense of what is happening behind the scenes.