Tag: InfoSec Resources

Tips For Purchasing Essays Online

Read the original article: Tips For Purchasing Essays Online When you have a passion for writing and need to earn additional money, there are a number of excellent ways to earn by purchasing essays online. When you have not written…

Microsoft Azure Fundamentals (AZ-900) Domains Overview

Read the original article: Microsoft Azure Fundamentals (AZ-900) Domains Overview Introduction The Microsoft Azure Fundamentals (AZ-900) certification exam is a great way for someone new to the field of cloud computing to demonstrate knowledge, interest and experience to current… Go…

What is a cyber range?

Read the original article: What is a cyber range? Introduction When it comes to cyberthreats, it is not a matter of if, but when an organization is going to be targeted by cybercriminals. Will you and your organization be ready?…

CCNA certification prep: Security fundamentals

Read the original article: CCNA certification prep: Security fundamentals Introduction In modern networks, security is not an afterthought. You need to know how to build secure networks from the outset. Security has to be woven into the very fabric of…

Microsoft Azure Certification: Overview And Career Path

Read the original article: Microsoft Azure Certification: Overview And Career Path Introduction The global COVID-19 pandemic has forced individuals and organizations to adopt new ways of doing daily tasks, from working to learning. It has also accelerated the journey to…

BPCS & SIS

Read the original article: BPCS & SIS Introduction Cybersecurity in the process industries is a growing concern due to the increasing number of cyber attacks against industrial control systems (ICS) and the presence of a large number of… Go on…

Browser Forensics: Firefox

Read the original article: Browser Forensics: Firefox Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used…

Browser Forensics: Google Chrome

Read the original article: Browser Forensics: Google Chrome Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be…

AWS User Management

Read the original article: AWS User Management Introduction In order to keep your AWS environment secure while allowing your users to properly utilize resources, you must ensure that users are correctly created with proper permissions. Also, you… Go on to…

Wireless Networks and Security

Read the original article: Wireless Networks and Security Introduction Wireless networks have become an inherent part of our life and we all use wireless networks in some form in our day to day life. Of all the utilities provided by…

Networking fundamentals (for Network security professionals)

Read the original article: Networking fundamentals (for Network security professionals) Introduction To understand Network Security, it’s imperative that we understand networking fundamentals and networking basics. In this post, we will be learning about networking basics and… Go on to the…

Browser Forensics: IE 11

Read the original article: Browser Forensics: IE 11 Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be…

Introduction to Printing and Format Strings

Read the original article: Introduction to Printing and Format Strings Introduction This article provides an overview of how printing functions work and how format strings are used to format the data being printed. Developers often use print functions for a…

Format String Vulnerabilities: Use and Definitions

Read the original article: Format String Vulnerabilities: Use and Definitions Introduction In the previous article, we understood how print functions like printf work. This article provides further definition of Format String vulnerabilities. We will begin by discussing how… Go on…

Copy-paste compromises

Read the original article: Copy-paste compromises Copy-paste compromises: Introduction and overview Although the concept of copy-paste compromises is not exactly new, there are now several different forms of the attack. In the version of copy-paste… Go on to the site…

How to exploit Format String Vulnerabilities

Read the original article: How to exploit Format String Vulnerabilities Introduction In the previous articles, we discussed printing functions, format strings and format string vulnerabilities. This article provides an overview of how Format String vulnerabilities can be… Go on to…

Format String Vulnerabilities Exploitation Case Study

Read the original article: Format String Vulnerabilities Exploitation Case Study Introduction: In the previous article of this series, we discussed how format string vulnerabilities can be exploited. This article provides a case study of how format string vulnerabilities can be……

IoT Security Fundamentals: IoT vs OT (Operational Technology)

Read the original article: IoT Security Fundamentals: IoT vs OT (Operational Technology) Introduction: Knowing the Notions  Industrial Internet of Things (IIoT) incorporates technologies such as machine learning, machine-to-machine (M2M) communication, sensor data, Big Data, etc. This… Go on to the…

How to mitigate Format String Vulnerabilities

Read the original article: How to mitigate Format String Vulnerabilities Introduction: This article provides an overview of various techniques that can be used to mitigate Format String vulnerabilities. In addition to the mitigations that are offered by the compilers… Go…

Hash Functions in Blockchain

Read the original article: Hash Functions in Blockchain Introduction to hash functions Hash functions are one of the most extensively-used cryptographic algorithms in blockchain technology. They are cryptographic (but not encryption) algorithms that are… Go on to the site to…

Public-Key Cryptography in Blockchain

Read the original article: Public-Key Cryptography in Blockchain How public-key cryptography works Public-key or asymmetric cryptography is one of the two main types of encryption algorithms. Its names come from the fact that it uses two different encryption keys:… Go…

Blockchain Structure

Read the original article: Blockchain Structure Introduction The blockchain gets its name from its underlying structure. The blockchain is organized as a series of “blocks” that are “chained” together. Understanding blockchain security requires… Go on to the site to read…

The business value of CompTIA CySA+ employee certification

Read the original article: The business value of CompTIA CySA+ employee certification Introduction The cybersecurity threat landscape is rapidly evolving, and cybercriminals are becoming more sophisticated. Traditional threat detection techniques that rely on signature-based threat… Go on to the site…

IPv4 and IPv6 Overview

Read the original article: IPv4 and IPv6 Overview IP stands for internet protocol. The internet protocol is the protocol which allows internetworking at the internet layer of the internet protocol suite. IPv4 is the fourth version of the protocol… Go…

How to achieve CMMC levels 1 through 5

Read the original article: How to achieve CMMC levels 1 through 5 Introduction: Where the DoD stands on cybersecurity certification The Department of Defense (DoD) has created the Cybersecurity Maturity Model Certification (CMMC) in an effort to secure the Defense……

Deepfake

Read the original article: Deepfake Introduction “Deepfake” isn’t a new type of beauty cream, an underwater virtual tour or even a sternly worded insult. It is in fact, the culmination of decades worth of audio and video editing… Go on…

Endpoint Hardening (best practices)

Read the original article: Endpoint Hardening (best practices) Introduction Endpoint hardening: If you were to tell the average person that you were going to be performing this task for your organization, they’d probably ask if you were a blacksmith…. Go…

Encryption vs Encoding

Read the original article: Encryption vs Encoding Encryption and decryption Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data from unauthorized… Go on to the…

The OSI Model and TCP/IP Model

Read the original article: The OSI Model and TCP/IP Model What is the OSI model? The OSI model was the primary standard model for network communications, adopted by all major telecommunication companies and computers within the early 1980s. The users…

Using Base64 for Malware Obfuscation

Read the original article: Using Base64 for Malware Obfuscation What is Malware – Malware stands for malicious software and software, in simple language, means some program written in any programming language. So if a malicious program is intentionally written to……

Attacks on Blockchain

Read the original article: Attacks on Blockchain Blockchain attack vectors Blockchain can be attacked in a number of different ways. Many of the most famous attacks focus on issues with either the theoretical blockchain protocol (such as the 51%… Go…

Mobile Device Management

Read the original article: Mobile Device Management Introduction “Hey Buddy, can you make it so my phone can get work email please?”  “Oh sure, no problem.”  “Thanks.  Also I’ll need my laptop, tablet, smartwatch,… Go on to the site to…

Blockchain: Beyond the Basics

Read the original article: Blockchain: Beyond the Basics Beyond the basic blockchain The core blockchain protocol implements a distributed ledger capable of performing cryptocurrency transfers. Smart contract platforms add additional functionality by… Go on to the site to read the…

Top 7 cybersecurity books for ethical hackers in 2020

Read the original article: Top 7 cybersecurity books for ethical hackers in 2020 Top ethical hacking books for 2020 Ethical hacking is a huge field with a number of different specializations within it. Since ethical hackers are expected to perform…

Top 5 ways ransomware is delivered and deployed

Read the original article: Top 5 ways ransomware is delivered and deployed Introduction If your computer has not yet been affected by ransomware, odds are it could soon be. With ransom payments averaging more than $80,000 in Q4 2019, the…

How to spot a malicious browser extension

Read the original article: How to spot a malicious browser extension Introduction Let’s not kid ourselves — the experience of surfing the web wouldn’t be the same without extensions. Browser extensions make it possible to block advertisements, change the appearance…

Capture the flag: A walkthrough of SunCSR’s Geisha

Read the original article: Capture the flag: A walkthrough of SunCSR’s Geisha Introduction Welcome to my write-up for the Geisha machine from VulnHub. This is a beginner- to intermediate-level, intentionally vulnerable virtual machine created for the purposes of testing and……

Sunset Decoy: VulnHub CTF walkthrough

Read the original article: Sunset Decoy: VulnHub CTF walkthrough In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by an author whitecr0wz. As per the description given by the author,…

Time to update your cybersecurity policy?

Read the original article: Time to update your cybersecurity policy? Introduction In today’s highly connected world, new cyberthreats and risks emerge seemingly every hour, around the clock. Whether it is from spearphishing, a distributed denial-of-service attack or a… Go on…

6 Windows event log IDs to monitor now

Read the original article: 6 Windows event log IDs to monitor now Introduction It’s possible to use Windows 10 event logs to detect intrusions and malicious activity, but some knowledge of critical IDs is mandatory to avoid over-collection and other…

Cloud Pentesting Certification Boot Camp: The ultimate guide

Read the original article: Cloud Pentesting Certification Boot Camp: The ultimate guide What is a Certified Cloud Penetration Tester (CCPT) certification? The CCPT certification is offered by the Information Assurance Certification Review Board to validate an applicant’s skills in cloud……

The CySA+ knowledge domains

Read the original article: The CySA+ knowledge domains Introduction The new CompTIA Cybersecurity Analyst Certification (CySA+), exam code CS0-002, came into effect as of April 21, 2020, replacing the CySA+ exam (CS0-001). The new certification verifies… Go on to the…

The CySA+ knowledge domains

Read the original article: The CySA+ knowledge domains Introduction The new CompTIA Cybersecurity Analyst Certification (CySA+), exam code CS0-002, came into effect as of April 21, 2020, replacing the CySA+ exam (CS0-001). The new certification verifies… Go on to the…

Introduction to Cryptography

Read the original article: Introduction to Cryptography The field of cryptology Cryptology — literally “the study of secrets” — is composed of cryptography (making codes) and cryptanalysis (breaking codes). However, many people use the term cryptography… Go on to the…

Top 9 Phishing Simulators [Updated 2020]

Read the original article: Top 9 Phishing Simulators [Updated 2020] The title of this article was supposed to be “Top 10 Free Phishing Simulators”. However, after much searching, trying, visiting of broken links, filling out forms and signing up for…

Top 6 cybersecurity books for IT auditors

Read the original article: Top 6 cybersecurity books for IT auditors Introduction Like many other information security professionals, you probably have a library of books on the topic of your career choice. Not only that, but like many others, yours…

Podcast recap: Email attack trend predictions for 2020

Read the original article: Podcast recap: Email attack trend predictions for 2020 Introduction Email continues to be a major method of communication in both personal and professional contexts. The sheer proliferation of information transmitted via email every day makes it…

The Most Common Social Engineering Attacks [Updated 2020]

Read the original article: The Most Common Social Engineering Attacks [Updated 2020] Introduction In his book, “The Art of Deception,” popular hacker Kevin Mitnick explained the power of social engineering techniques. Today, we are aware that social engineering can be…

Capture the flag: A walkthrough of SunCSR’s Sumo

Read the original article: Capture the flag: A walkthrough of SunCSR’s Sumo Introduction Welcome to my write-up for the Sumo machine from VulnHub. This is a beginner-level, intentionally vulnerable virtual machine created for the purposes of testing and strengthening one’s……

Lab: Hacking an Android Device with MSFvenom [Updated 2020]

Read the original article: Lab: Hacking an Android Device with MSFvenom [Updated 2020] Learn penetration testing Build your real-world pentesting skills through 34 hands-on labs. This skills course covers ⇒ Web app hacking ⇒ Hacking with Android ⇒ Ethical hacking…

Network Design: Firewall, IDS/IPS

Read the original article: Network Design: Firewall, IDS/IPS Introduction There are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass…

21 cybersecurity products to combat APT29: MITRE weighs in

Read the original article: 21 cybersecurity products to combat APT29: MITRE weighs in Introduction MITRE, a not-for-profit organization based in the US, is best known for its globally accessible knowledge base of cyber adversary strategies and techniques popularly referred to…

Bypassing security products via DNS data exfiltration

Read the original article: Bypassing security products via DNS data exfiltration Introduction  Criminals are using different strategies to compromise computer networks, infrastructures and organizations. Cyber incidents have increased in number and complexity since the… Go on to the site to…

App isolation in Windows 10

Read the original article: App isolation in Windows 10 What is app isolation in Windows 10? Suppose you want to install and run a new program on Windows but you think it may be risky and may harm your system.…

How to use Radare2 for reverse engineering

Read the original article: How to use Radare2 for reverse engineering Introduction This article defines reverse-engineering as it is used in the analysis of software. We will explain in detail how to use radare2 for reverse engineering. It exposes techniques…

Windows Supported wireless encryption types

Read the original article: Windows Supported wireless encryption types Introduction We all want to keep our wireless network secure, to keep our personal data and information safe, don’t we? Fortunately, Windows supports multiple wireless encryption types. You, as… Go on…

Configuring DNS in AWS

Read the original article: Configuring DNS in AWS Introduction The Domain Name System (DNS) is necessary for routing traffic across the internet. It accomplishes this task by converting easily remembered domain names (example.com) into the IP… Go on to the…

AWS Storage Services

Read the original article: AWS Storage Services Introduction Amazon offers several storage services, each optimized for specific use cases. In order to choose the best storage for your application, first we must understand the various offerings…. Go on to the…

Cross-Site Request Forgery (CSRF) Vulnerabilities

Read the original article: Cross-Site Request Forgery (CSRF) Vulnerabilities Introduction to cookies and user authentication Cross-site request forgery (CSRF) vulnerabilities are designed to take actions on a website on behalf of an authenticated user. Accomplishing this… Go on to the…

HTTP-based Vulnerabilities

Read the original article: HTTP-based Vulnerabilities Introduction to HTTP and HTML vulnerabilities Web applications are commonly targeted by cybercriminals. The combination of public exposure and potential access to sensitive data makes them easily… Go on to the site to read…