WKL offers Two Day Training at Hack Red Con 2023 – September 8 & 9, 2023
White Knight Labs is a distinguished participant, leading a training initiative at the esteemed Hack Red Con 2023 in Louisville, Kentucky on September 8 and September 9, 2023. Spearheaded by our renowned cybersecurity experts, Greg Hatcher and John Stigerwalt, the training brings an exceptional fusion of practical experience and theoretical knowledge to the fore. Drawing on White Knight Labs founders’ significant experiences, from Army Special Forces to NSA instruction and leading a CISA red team, the expertise shared will be foundational. Their vast experience and industry insight will be instrumental in an intensive, in-depth exploration of offensive development. Participants can look forward to an interactive engagement with several technologies, such as network, cloud, mobile, web app, and API, with a spotlight on cloud Windows malware development. Dive into this grand opportunity to learn and grow here and find more details about Hack Red Con here. Join us and experience the blend of high-end technical insight with a client-centric approach at its best. Tickets can be purchased here
John Stigerwalt on Why responsible implementation of AI technology is critical
In a thought-provoking article by John Stigerwalt, co-founder of White Knight Labs, published on EDN the critical aspect of responsible AI implementation is examined. Stigerwalt recognizes the growing presence of AI in various aspects of life and addresses significant concerns posed by the Federal Trade Commission (FTC) regarding AI’s accuracy, bias, and discrimination potential. Emphasizing the importance of ethical considerations in AI deployment, Stigerwalt envisions the impact on data privacy and the risk of falling into deceptive ‘dark pattern’ territories. To mitigate these concerns, Stigerwalt suggests stronger FTC enforcement, data protection regulations, enhanced security measures, and transparent AI algorithms. In conclusion, the article urges striking a balance between AI tools and human involvement, without hindering AI’s potential to revolutionize various industries. Through responsible practices in AI implementation, we can continue to innovate and thrive while maintaining trust and ethical integrity.
WKL CEO, Greg Hatcher, Shares Insights on Phishing Scams Targeting Small Business on Social Media in CNBC Article
In a recent CNBC article, Greg Hatcher, CEO of White Knight Labs, illuminates the prevalence and impact of phishing scams targeting small businesses on social media platforms like Meta. Through poignant examples and expert insights, the article highlights the vulnerability small businesses face and the need for proper cyber hygiene. The CNBC article discusses alarming statistics and personal stories that demonstrate an increased risk for small businesses. Most notably, the FBI revealed that nearly $7 billion in losses occurred in 2021 due to cyberattacks primarily targeting small businesses. Hatcher highlights the importance of good cyber hygiene practices, emphasizing the use of strong, lengthy passwords and two-factor authentication. He also sheds light on the unfortunate truth that many social media companies do not prioritize small business security. The article serves as a reminder for small business owners to be proactive with their online security measures and adopt best practices to protect their online presence on platforms such as Instagram, Facebook, and YouTube.
Discussing the Evolution of Cyber Threat Tactics with BetaNews
In a thoughtful Q&A session with BetaNews, with Ian Barker, our CEO, Greg Hatcher, explored the current trends in cyber threats, the role of artificial intelligence in cybersecurity, the importance of proactive government involvement in cyber defense, and much more. Hatcher addressed the rising security concern related to Microsoft’s Azure device codes being used to bypass Multi-Factor Authentication (MFA). He also explained the dangers of file systems like iso files coupled with embedded executables, and the attackers’ transition from using executables to dynamic link libraries (DLLs). Significantly, he examined the implications of Google’s newly created ‘zip’ TLD, which is increasingly being exploited by cybercriminals. Hatcher also recognized the threat that AI tools, like ChatGPT, pose to cybersecurity. He argued that with AI’s capacity to generate custom software without requiring programming knowledge, its potential impact on cybersecurity could be significant, potentially providing cybercriminals with a vast swathe of data hitherto inaccessible. Hatcher expressed the necessity for a more proactive role from governments in cyber defense. He also affirmed that cyber warfare, just as traditional warfare, is critical, and countries ignoring this fact will become increasingly vulnerable. Furthermore, Hatcher hinted at the evolving role of offensive cybersecurity strategies, taking the actions of China and the Biden administration as a case in point. Lastly, Hatcher highlighted the importance of cooperation between government and the private sector in sharing cybersecurity intelligence, drawing parallels with the increased need for intelligence sharing observed post 9/11. This Q&A is a must-read for anyone interested in the current and future state of cybersecurity and the increasingly sophisticated threats faced by businesses today.
What is Web Scraping and where is the Risk?
Unveiling the complexities of web scraping, the latest article by Brooke Betcher titled “What is Web Scraping” on BuiltIn.com is a must-read. Our very own Greg Hatcher, CEO of White Knight Labs, has contributed to the article, leveraging his deep knowledge of cybersecurity. The writeup walks you step-by-step through the core concept of web scraping – a method utilized to extract vast quantities of data from websites. Despite its numerous practical applications, web scraping can pose considerable risks if used for malicious intentions, highlighting the critical importance of cybersecurity measures. Stay ahead of the curve by understanding the potential cybersecurity threats. Utilize the expert insights from industry specialist Greg Hatcher and fortify the security of your data today. Remember, knowledge is power, and in this context, it’s the power to protect your digital domain. For bespoke cybersecurity solutions, don’t hesitate to contact White Knight Labs.
Embracing ChatGPT
In the article “Embracing ChatGPT? Pay Attention To These Cybersecurity Concerns” written by Greg Hatcher, the CEO of White Knight Labs, Hatcher elaborates on the cybersecurity concerns that come with AI platforms like ChatGPT. ChatGPT, despite its beneficial use in generating a variety of written content, is evolving into a significant cybersecurity concern due to its capacity to continuously learn and adapt according to the input that users feed into it. The system’s vulnerability to breaches is profound due to its foundation on open-source software. This allows potential hackers to inspect, modify, and enhance the original code. Despite open-source software’s potential benefits of fostering innovation through collaboration, it also provides an open door for malicious individuals to adapt the code for their dubious intentions. Hatcher cites a data breach at OpenAI as an example of these concerns. Also, ChatGPT poses a threat to data security as AI inevitably stores large amounts of data and could generate threats like biases and inaccuracies due to the user inputs. Another serious concern is the potential exploitation of ChatGPT for the creation of phishing emails. Additionally, ChatGPT and most AI are developing without human supervision, adding to its potential misuse. Mixed with the capabilities of White Knight Labs, it becomes evident how such entities can play a significant role in identifying and remedying these vulnerabilities. As a cybersecurity consultancy that crafts a team of security professionals to aid organizations in identifying security vulnerabilities, White Knight Labs could no doubt assist in the scrutiny and hardening of AI systems like ChatGPT. By deploying a risk-based approach to such AI platforms, White Knight Labs can analyze various attack vectors and help safeguard the integrity and privacy of both organizations and users alike. Services like penetration testing, web application security assessments, and cloud pen testing would be crucial in providing security measures for AI programs and the systems they inhabit. By applying their cybersecurity expertise, White Knight Labs can address and mitigate the security risks associated with such open-source AI systems.
Ransomware Payments
The article “How ransomware gangs negotiate payments” by Kolawole Samuel Adebayo on Fast Company, discusses the intricacies behind ransomware attacks and the methods used by attackers to negotiate payments. The CEO of White Knight Labs, Greg Hatcher, contributes to the article with his expert insights. According to Greg Hatcher, ransomware attackers typically dictate the method of communication and payment, which is almost always Tor and cryptocurrency due to the anonymity those platforms provide. He explains that the encrypted data from the victim’s critical systems allows attackers to swiftly define these communication and payment channels. Hatcher also describes the challenges involved in tracing illicit ransom payments. Even with the public ledger characteristic of blockchain technologies, tracing these transactions remains an “expensive and time-intensive” task. This is primarily due to the multitude of wallets involved in the transactions and the overall anonymity that cryptocurrencies present, making it difficult to follow the money trail. Greg Hatcher provides valuable insights into the shadowy mechanics of ransomware negotiations and the accompanying challenges involved in fighting this growing form of cybercrime.
Offensive Development Training Course in South Dakota – October 17 & 18
On October 17 & 18, 2023 we’ll be offering an Offensive Development training course at the Wild West Hackin’ Fest in Deadwood, SD. Register to attend in person or for those that can’t get there, virtual attendance will also be accommodated. Click the button below for more information.
Adversary Village @ CloudCon 2023 – July 24 & 25
White Knight Labs was at CloudCon 2023 presented by CSA West Michigan.
Making Sure Lost Data Stays Lost
Steven Lawton published an article on Dark Reading that explores the potential risks of retired hardware and forgotten cloud virtual machines. A recent report revealed that 56% of decommissioned routers sold on the secondary market contained sensitive corporate material, highlighting the regular exposure of confidential data. Greg Hatcher, CEO of cybersecurity consultancy White Knight Labs, explains that cloud-based vulnerabilities usually result from misconfigurations or naïve actions. He emphasizes the importance of having both hardware and software asset inventories to protect networks and cloud environments. Hatcher also notes that sensitive data might not stay hidden, even when applications are deleted from retired hard disks. Access policies can remediate vulnerabilities by allowing specific individuals to access data within a platform, while guidelines and security frameworks can help define controls for decommissioning hardware and protecting data.