Introduction The increase in the use of mobile applications comes with an increase in hackers targeting them. A Symantec survey found that 1 in 36 devices had high-risk apps installed. Mobile… Go on to the site to read the full…
Tag: InfoSec Resources
Phishing technique: Message from the boss
Introduction Is it possible for you to ignore an email sent by your boss? Phishers believe that you probably would not, and this is the reason they are getting better at mimicking them. According to…
Cyber Work podcast: Email attack trend predictions for 2020
Introduction In this episode of Infosec’s Cyber Work podcast series, host Chris Sienko chats with Evan Reiser, CEO of Abnormal Security. They discuss where email attacks are headed in 2020, as well…
Virtualization-based sandbox malware
Introduction Sandboxing is well known for its ability to execute code safely without potential malicious effects afflicting a system. Sandboxes are normally used when testing out how programs and…
MITRE ATT&CK: System shutdown/reboot
Introduction When system features are used against the system itself, attackers have a unique opportunity to use the in-built capabilities of a computer to make it do what they want. Everyone knows…
Phishing techniques: Clone phishing
Introduction Trust is an important part of any relationship and once it has been established, you can generally ignore any kind of vetting you have to do for the person. When you trust someone,…
Domain vs Workgroup accounts in Windows 10
Introduction Computers have been categorized by a variety of user accounts for years, with Windows systems being no exception. Having different types of accounts makes computer management easier for…
Cyber Work: How to become an APT hunter with Carbon Black
Introduction In this episode of Infosec’s cybersecurity podcast series Cyber Work, host Chris Sienko talks with David Balcar, security strategist at Carbon Black. They discuss a wide range of topics,…
Bluetooth security in Windows 10
Introduction For a wireless technology standard formally established in the 1990s, Bluetooth has shown remarkable resilience and longevity. More than two decades later, we now have more…
Network traffic analysis for IR: Basic protocols in networking
Introduction In this article, we’ll discuss some of the basic protocols that are commonly used in computer networking. A good understanding of computer networking is required by fresh hackers in…
The top 5 states for cybersecurity jobs
The rising demand for infosec jobs The demand for cybersecurity jobs hasn’t waned in the last decade. On the contrary, the talent gap has been widening. And given the growing magnitude of data…
Cyber Work: How data science and machine learning are affecting cybersecurity
Introduction In this episode of Infosec’s Cyber Work podcast, host Chris Sienko spoke with Anu Yamunan, VP of product management and research at Exabeam. They discussed her 18-year experience path of…
Jackpotting malware
Introduction Jackpotting malware is not well known because it exclusively targets automated teller machines (ATMs). This means it usually doesn’t directly affect a large number of people. However,…
RS-232 and RS-485
Introduction RS-232 and RS-485 both belong to the serial interface family. A serial interface is a communication interface in which data is transmitted bit by bit. A high logical voltage is…
Cyber Work: The dangers of Role-Based Access Control (RBAC)
Introduction In this episode of Infosec’s Cyber Work podcast, host Chris Sienko chats with Balaji Parimi, founder and CEO of CloudKnox Security. They discuss current problems with Role-Based Access…
Maze ransomware
Introduction One of the many recurring themes in cybersecurity echoes one of the great mottos in life of “the only thing constant is change.” Ransomware is no exception to this rule, and this is best…
Single Sign-On in Windows 10
Introduction They say that simplicity is key in life and this could not apply to anything more than it does to user authentication. Imagine being able to securely use one set of login credentials for…
MITRE ATT&CK: Credential dumping
Introduction When attackers have established a foothold in a system, one of their primary objectives is typically to find user (or otherwise privileged) credentials — usernames and passwords…
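On the defensive side of this technique, the event most detection teams key on is a process opening lsass.exe with memory-read rights. The following is an added example, not code from the article: a small triage routine over Sysmon Event ID 10 (ProcessAccess) records. The access-right constants are the documented Windows process access masks; the event records are constructed, and the allowlist of processes expected to read LSASS is an assumption that a real deployment would tune to its own security stack.

```python
"""Flag LSASS memory access (a credential-dumping precursor) in Sysmon Event ID 10 records."""

# Documented Windows process access rights (winnt.h).
PROCESS_VM_READ = 0x0010
PROCESS_QUERY_INFORMATION = 0x0400
PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
PROCESS_ALL_ACCESS = 0x1FFFFF

# Assumed allowlist: processes that legitimately open lsass.exe with read rights.
# Tune this to the endpoint security products actually deployed.
ALLOWED_SOURCES = {
    r"c:\windows\system32\csrss.exe",
    r"c:\windows\system32\wininit.exe",
    r"c:\program files\windows defender\msmpeng.exe",
}


def is_lsass_dump_candidate(event: dict) -> bool:
    """True when a process outside the allowlist opens lsass.exe with
    PROCESS_VM_READ (or the full-access mask that implies it)."""
    if event.get("EventID") != 10:
        return False
    target = event.get("TargetImage", "").lower()
    if not target.endswith(r"\lsass.exe"):
        return False
    source = event.get("SourceImage", "").lower()
    if source in ALLOWED_SOURCES:
        return False
    access = int(event.get("GrantedAccess", "0x0"), 16)   # Sysmon logs the mask as a hex string
    return bool(access & PROCESS_VM_READ) or access == PROCESS_ALL_ACCESS


def triage(events):
    """Return the suspicious events, most permissive access mask first."""
    hits = [e for e in events if is_lsass_dump_candidate(e)]
    return sorted(hits, key=lambda e: int(e["GrantedAccess"], 16), reverse=True)


# Constructed Sysmon ProcessAccess events (only the fields the logic needs).
SAMPLE_EVENTS = [
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1410"},
    {"EventID": 10, "SourceImage": r"C:\Users\Public\procdump64.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1fffff"},
    {"EventID": 10, "SourceImage": r"C:\Temp\dump.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1010"},
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\taskmgr.exe",
     "TargetImage": r"C:\Windows\System32\svchost.exe", "GrantedAccess": "0x1010"},
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\svchost.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1000"},
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_EVENTS):
        print(hit["GrantedAccess"], hit["SourceImage"])
```

The masks 0x1010 and 0x1410 (query information plus VM_READ) are the ones most dumping tools request; a query-only mask such as 0x1000 is routine and is deliberately not flagged. The allowlist is matched on the full lowercase path so that a binary merely named like a security product in another directory still triggers.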
Malware spotlight: Tarmac
Introduction Many people wrongly believe that Mac computers are unable to get viruses. This belief is far from true. nVir, the first virus targeting Macintosh computers, appeared in 1987 and remained…
Cyber Work Podcast: Getting started in Red Teaming
Introduction In this episode of Infosec’s cybersecurity podcast series Cyber Work, host Chris Sienko talks with Curtis Brazzell, managing security consultant at Pondurance, a managed detection and…
Network traffic analysis for IR: Introduction to networking
Introduction Computer networking is one of the most important skills that incident responders are required to have. Analyzing network traffic as an incident responder is about more than just noting…
Connecting to secure wireless networks in Windows 10
Introduction Though they offer undeniable benefits of mobility, cost and convenience, wireless networks are less desirable from a security perspective. There is always a risk that signals can get…
Hack the Box (HTB) machines walkthrough series — Gitlab
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named Gitlab. HTB is an excellent platform that…
North America’s top IT security conferences in 2020
Introduction: Why attend conferences? This year will bring plenty of opportunities for professionals to attend conferences, getting them exposed to new products and tools showcased by companies…
MAC filtering in Windows 10
Introduction There are many options available to a Windows 10 user when it comes to managing computer networks, both wired and wireless. Some of them are incredibly vital while others offer less…
Introduction to the OWASP API Top Ten
The OWASP Project The Open Web Application Security Project (OWASP) is best known for its list of the top ten web application vulnerabilities. This list is updated every few years and is designed to…
Certifications compared: GCFE vs. CFCE vs. CCE
Introduction: What role does forensic science play in cybercrime investigations? As cybercrimes grow in terms of number of attacks and cost to organizations and businesses, it is obvious that…
Admin vs non-admin accounts in Windows 10
Introduction Coke versus Pepsi. Mac versus PC. Red versus Blue. There are some arguments that have been around for so long that the chances of one side or the other being 100% correct are slim to none…
NIST CSF: Cybersecurity basics — Foundation of CSF
Introduction The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is all about the security of critical infrastructure. NIST SP 800-30, Rev. 1 defines critical…
Network Traffic Analysis for IR — Discovering RATs
Introduction A Remote Access Trojan (RAT) is part of the malware family. It enables covert surveillance, a backdoor channel and unfettered and unauthorized remote access to a victim’s computer. Using…
Hack the Box (HTB) machines walkthrough series — Aragog
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named Aragog. HTB is an excellent platform that…
Secure your APIs — don’t give hackers a chance!
Introduction The use of APIs is now ubiquitous, and the “API economy” is well and truly established. From cloud-based services, back-end services for mobile apps, internal server-to-server services,…
Types of user accounts in Windows 10 (local, domain, Microsoft)
Introduction Years ago, I was just starting out in tech. I was located at a remote facility compared to the rest of the company, and we had someone that was demanding domain administrator…
How to use Windows Recovery Environment
Introduction It’s frustrating when a Windows operating system fails to boot or restarts unexpectedly. Maybe the problem is a corrupted disk or missing files, or maybe you just can’t be sure. …
How to reset Windows 10
Introduction Windows 10 has been on a roll, offering users unprecedented choice regarding both customization of their system and different ways to get things done — including recovery options. Reset…
How to use Windows Backup and Restore Utility
Introduction Since its first appearance in the Windows OS family in Windows 7, the Backup and Restore utility has been the go-to for managing the all-too-important backup and restore jobs Windows…
Network traffic analysis for IR: Analyzing IoT attacks
Introduction The Internet of Things (IoT) incorporates everything from tiny sensors and devices to huge structures like cloud computing. IoT includes the major network types, such as vehicular,…
NIST CSF: Implementing NIST CSF
Introduction The National Institute of Standards and Technology’s Cybersecurity Framework, or NIST CSF, was first published in 2014 to provide voluntary guidance for organizational cybersecurity…
Driver Security in Windows 10
Introduction Drivers are an essential group of files that allow a hardware component(s) to communicate with the computer’s operating system (OS). If an attacker successfully exploits a kernel-based…
How to use Microsoft Passport in Windows 10
Introduction Passwords, the long-relied-upon information security measure that helps secure billions of user accounts daily, have become a little long in the tooth. When you consider advances in…
What is NoSQL injection?
Introduction to injection Injection attacks are considered some of the most dangerous types of vulnerabilities in existence. According to the OWASP Top Ten List of web application vulnerabilities,…
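The injection the article's title refers to is operator injection against document databases: when a login handler copies a decoded JSON body straight into a MongoDB-style filter, an attacker who sends an object such as {"$ne": ""} where a string was expected turns the password check into "any password that is not empty". The following is an added example, not the article's code: a vulnerable and a hardened login built over a tiny in-memory matcher that emulates just the MongoDB operators needed to show the bypass (an assumption standing in for the real driver). The users collection and request bodies are constructed.

```python
"""NoSQL operator injection: vulnerable vs. hardened login filter construction."""
import json
import re

# Constructed stand-in for a MongoDB "users" collection (plaintext only to keep
# the example short; real systems compare a hash, not a query field).
USERS = [
    {"username": "admin", "password": "S3cr3t!"},
    {"username": "alice", "password": "hunter2"},
]

# Assumed: minimal emulation of the MongoDB query operators attackers reach for.
OPERATORS = {
    "$ne": lambda actual, arg: actual != arg,
    "$gt": lambda actual, arg: actual is not None and actual > arg,
    "$regex": lambda actual, arg: isinstance(actual, str) and re.search(arg, actual) is not None,
}


def _field_matches(actual, condition) -> bool:
    """Plain values compare by equality; a dict is treated as an operator object,
    which is exactly the behaviour that makes operator injection possible."""
    if isinstance(condition, dict):
        return all(op in OPERATORS and OPERATORS[op](actual, arg)
                   for op, arg in condition.items())
    return actual == condition


def find_one(collection, query):
    """Return the first document matching every field condition in `query`."""
    for doc in collection:
        if all(_field_matches(doc.get(field), cond) for field, cond in query.items()):
            return doc
    return None


def login_vulnerable(body: str):
    """Copies the decoded JSON straight into the filter, so a password of
    {"$ne": ""} matches any account whose password is non-empty."""
    data = json.loads(body)
    return find_one(USERS, {"username": data["username"], "password": data["password"]})


def login_hardened(body: str):
    """Accepts only string credentials; an object or list in either field never
    reaches the query and is treated as a failed login."""
    data = json.loads(body)
    username, password = data.get("username"), data.get("password")
    if not isinstance(username, str) or not isinstance(password, str):
        return None
    return find_one(USERS, {"username": username, "password": password})


# Constructed request bodies: a legitimate login and the operator-injection payload.
LEGIT = '{"username": "admin", "password": "S3cr3t!"}'
ATTACK = '{"username": "admin", "password": {"$ne": ""}}'

if __name__ == "__main__":
    print("vulnerable:", login_vulnerable(ATTACK))   # admin document
    print("hardened:  ", login_hardened(ATTACK))     # None
```

The $regex variant is worth keeping in mind during testing: with a vulnerable handler, {"$regex": "^S"} leaks the password one character at a time through the login result. In a real application the type check belongs in a request schema that is applied before any query is built, so that every handler, not just the login route, refuses objects where strings are expected.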
Web server security: Web server hardening
Introduction A web server is not just any other device that you employ in your network environment. Unlike other devices sitting behind layers of defenses and firewalls, web servers sit at the rim of…
Hack the Box (HTB) machines walkthrough series — Networked
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named Networked. HTB is an excellent platform…
Getting Started with Web Server Security
Introduction The role that the internet plays in people’s lives and business operations has only continued to increase as advancements in web services, web-based applications and other services have…
How to use Credential Manager in Windows 10
Introduction Windows Credential Manager is a Windows feature that, both due to its user friendliness and popularity, was brought over to Windows 10. Since its debut in Windows 7, Credential Manager…
Industrial Ethernet
Introduction Industrial Control Systems (ICS) are different from conventional IT systems. ICS typically source data from remote sensors and transmit commands to machines for the relevant action to…
Considering cyber insurance? Here’s what you need to know
The growing need for cyber insurance Fueled by the growing number of data breaches, an expanding attack surface and a shortage of cybersecurity talent, cyber risk is a mounting concern for…
How to configure Picture Passwords and PINs in Windows 10
Introduction When you first think of the concept of a picture password, you may think of something like the old TV show classic “Concentration,” or a typical emoji-based conversation — a bunch of…
Zero-day attacks: Protections, best practices and how to implement them
Introduction Zero-day attacks are one of the most dangerous cybersecurity threats. This type of cyberattack targets software vulnerabilities previously unknown to software or antivirus vendors,…
FOUNDATION Fieldbus
Introduction Foundation Fieldbus was designed to replace analog connections in the refining, petrochemical and nuclear industries. It was first proposed in 1984 and standardized in 1996. Foundation…
Account Management Concepts for ICS/SCADA environments
Introduction Industrial Control Systems (ICS) are part of Supervisory Control and Data Acquisition (SCADA) environments. These systems are responsible for the infrastructure of our cities and towns. ICS…
PROFIBUS and PROFINET
Introduction Profibus and Profinet were created and designed by the same organization. Profibus stands for Process Field Bus and Profinet stands for Process Field Net. Since both were created by the…
How to use Credential Guard in Windows 10
Introduction One of the proverbial gems in the crown of a successful attack is user credentials, and it is understandable why. Once an attacker has a compromised system’s credentials, most of the…
What companies need to know about proposed changes to the Gramm-Leach-Bliley Act
Introduction: What is the Gramm-Leach-Bliley Act (GLBA)? Also called the Financial Modernization Act of 1999, GLBA governs the way in which financial institutions must prevent the disclosure of…
Hack the Box (HTB) machines walkthrough series — Arctic
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named Arctic. HTB is an excellent platform that…
Access Control Implementation in ICS
Introduction Industrial Control Systems (ICS) differ from traditional information technology (IT) systems, making the implementation of certain security controls difficult. Access Controls (AC) deal…
Ethical hacking: IoT hacking tools
Introduction IoT (Internet of Things) and embedded devices present a new challenge to ethical hackers hoping to understand the security vulnerabilities these devices contain. To hack IoT interfaces…
4 Times a Security Breach Was Narrowly Avoided
Introduction We’ve all heard of prominent companies that have been victims of a data breach. Little to no attention, however, is given to organizations that narrowly avoided security-shaking…
ICS Components
Introduction All components that are discussed in this writing can be found in the two types of ICSes: Supervisory Control and Data Acquisition (SCADA) and Distributed Control System (DCS). An ICS…
What is Malware Obfuscation?
Introduction Malware has been a threat to companies and individuals since the 1970s, when the Creeper virus was first discovered. Since then, the globe has faced threats from hundreds of thousands of…
Debugging Basics
Introduction The journey to coding mastery will come with a few bumps in the road. Some can be easily resolved by taking a closer look at the code. Others, however, give the learning coder the…
Application Management in Windows 10
Introduction Since the introduction of applications (apps) into the Windows operating system family, apps have become a sort of nexus between Windows computer systems and mobile devices. Borrowing…
Top IT security conferences you should attend in 2020
Introduction: Why attend conferences? Conferences are a great way to gain information and knowledge about advances on cutting-edge technologies but are also opportunities to meet and connect with…
4 predictions for 2020: Looking into the regulatory crystal ball
Introduction Moving into the second month of 2020, data privacy and security is still headline news. At the end of January, the United Nations called for additional investigations into the Jeff Bezos…
Securing Windows 10 with Local Group Policy
Introduction When it comes to quickly making wide-ranging modifications to Windows systems, Group Policy is usually at the top of the list for ease of use and raw power. The problem is that most…
Reverse Engineering and Malware Analysis Tools
Introduction Reverse-engineering and malware analysis tools have an important role to play in terms of cybersecurity. For example, app developers and security teams can implement these control…
Top cybersecurity lessons for e-commerce website administrators
Introduction In 2018, card-skimming malware targeting Magento-based online stores resulted in the infection of 7,339 e-commerce sites. Any customer entering card details into the site then had those…
Ethical hacking: wireless hacking with Kismet
Introduction To continue our ethical hacking series, we are now going to dive deeper into the process of wardriving, wireless hacking and the roles that the Linux tool Kismet plays in an ethical…
Malware spotlight: Droppers
Introduction There’s a cloud of confusion around droppers. Often seen as a sort of helper program in a cyberattack, droppers are actually a type of malware that plays an instrumental role. It should…
Network Traffic Analysis for IR: SSH Protocol with Wireshark
Introduction to the SSH protocol The Secure Shell (SSH) is designed to allow confidential and authenticated remote access to a computer. Like the Telnet protocol, it enables a user to remotely access…
Network traffic analysis for IR: Analyzing DDoS attacks
Introduction Distributed Denial-of-Service (DDoS) attacks are one of the most powerful cyber weapons threat actors use today. We often hear about a website being “brought down by attackers,” and in most…
Cybercrime investigator resume tips
Introduction Looking for your first job in the exciting field of cybercrime investigation? Or perhaps you’re a seasoned cybercrime investigator looking for your next promotion? You’ll need a resume…
Wireshark for Incident Response 101
Introduction to Wireshark Wireshark is a freely available tool for network traffic analysis. It can be used to either analyze saved packet capture files or perform live traffic capture of packets…
Malware spotlight: EvilGnome
Introduction The name EvilGnome may conjure images of a malicious creature of folklore. Instead, this name actually refers to an emerging type of malware recently detected by malware researchers…
What’s new in ethical hacking: Latest careers, skills and certifications
Put on your white hat and learn how to hack for the good guys! Ethical hackers use the same techniques used by cybercriminals to assess an organization’s vulnerabilities and help keep them safe. Join…
Malware spotlight: Nodersok
Introduction The zombie film genre has long been a favorite among horror film fanatics, as shown by the ever-growing number of films that portray an undead apocalypse. Each of these zombie…
MITRE ATT&CK: Disk content wipe
Introduction Classic moves, no matter what the subject matter is, are timeless. Be it the hook shot in basketball, the uppercut in boxing or the pirouette in ballet, these are moves that you remember…
The user experience of security
Introduction Back in the 1990s, when you mentioned cybersecurity to anyone, a glazed look would come over their face. And fair enough. Security, as a discipline of IT, was a bit dry and boring. Then…
MITRE ATT&CK: Disk structure wipe
Introduction Denying the availability of systems and resources of an attack target is a main objective of many real-world attack campaigns. If you were going to disrupt a target, this denial of…
Benefits of teaching employees to hack
Introduction You know that look in an employee’s eye when you announce the call to cybersecurity awareness training. They already work in IT or know a lot about computing. They also let you know they…
Malware spotlight: Wabbit
Introduction Beginnings are often steeped in myth, legend and a good helping of storytelling, with malware being no exception to this rule. Way back in 1974, before many of our readers were born,…
MITRE ATT&CK: Supply chain compromise
Introduction Attackers are well known to install malicious software, or malware, onto compromised systems during a cyberattack. But what many may not know is that this is not the first opportunity…
NIST CSF core functions: Detect
Introduction The National Institute of Standards and Technology’s Cybersecurity Framework, or NIST CSF, was first published in 2014 to provide guidance for organizational cybersecurity defenses and…
How Women’s Society of Cyberjutsu is diversifying security | Cyber Work Podcast
Mari Galloway, CEO of Women’s Society of Cyberjutsu, and Cyber Work podcast host Chris Sienko discuss Mari’s career journey, the ethos of Women’s Society of Cyberjutsu, and insights on how to diversify the cybersecurity workforce.
MITRE ATT&CK: Shortcut modification
Introduction Most people love shortcuts — they make things faster and easier. This common passion is behind a lot of the conveniences we experience on a daily basis. Shortcuts have impacted modern…
Cyber Work: How to become a Chief Information Security Officer
Introduction In this episode of Infosec’s cybersecurity podcast series Cyber Work, host Chris Sienko talks with Joshua Knight, cybersecurity business leader at Dimension Data, about how to become a…
MITRE ATT&CK: External remote service
Introduction If you had told the average person fifty years ago that in the future people would be able to view what you are doing on a personal computer screen in your home or at your office,…
Malware Obfuscation, Encoding and Encryption
Introduction Malware is complex and meant to confuse. Many computer users think malware is just another word for “virus” when a virus is actually a type of malware. And in addition to viruses,…
Ethical Hacking: How to hack a web server
When practicing ethical hacking, a hacker is searching for vulnerabilities. An ethical hacker has several reasons to try gaining unauthorized control of a web server, though the primary reason is to…
Response to IT industry trends analysis 2020
Introduction The Computing Technology Industry Association (CompTIA) has just published its Industry Trends Analysis 2020. This publication takes a generalized look at the landscape in which IT…
Network Traffic Analysis for Incident Response: Internet Protocol with Wireshark
Introduction to the Internet Protocol The Internet Protocol (IP) is the most widely-used network-level protocol. Common transport-level protocols, the Transmission Control Protocol (TCP) and the User…
Email attack trend predictions for 2020 | Cyber Work Podcast
Evan Reiser, CEO of Abnormal Security, and Cyber Work podcast host Chris Sienko discuss where email attacks are headed in 2020 and how AI and machine learning can help detect business email compromise.
Train or entertain? Do both with this security awareness program plan [Updated 2020]
Security awareness and training is a vital part of any cybersecurity strategy. After all, human error is the root cause of a quarter of all breaches. For years, organizations have opted for…
MITRE ATT&CK: Port knocking
Introduction Ports are like the doors into or out of a network, where information must pass through them to enter or exit an organization’s network. Now, when you knock on a door in physical reality,…
Malware spotlight: Hybrid malware
Introduction Hybrid malware, also known as combo malware, is a combination of two or more different types of attacks — usually a Trojan horse or worm with adware or malware attached. Hybrid malware…
PCI Security Standards Council talks security awareness and training | Cyber Work Podcast
Are your employees prepared to protect the cardholder data they process, store and transmit? With over 120 billion card payments — or $6.48 trillion dollars in transactions — processed yearly in the U.S. alone, it’s easy to see why payment…
Malware spotlight: Mirai
Introduction If you ask any number of information security experts about emerging platforms you will hear many answers, but the Internet of Things, or IoT, will be one of the top responses. Attackers…
ICMP Protocol with Wireshark
Introduction to ICMP Unlike the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), the Internet Control Message Protocol (ICMP) is not designed for carrying data. While ICMP packets…
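Serving both this ICMP entry and the Internet Protocol entry above (the two Wireshark articles in the series): an added example, not the articles' own code, that decodes an IPv4 header and the ICMP echo it carries and verifies both RFC 1071 checksums the way Wireshark's dissector does. It also flags echo payloads larger than a ping client normally sends, which is the ICMP detail an incident responder most often cares about, since "not designed for carrying data" is exactly why tunnelling tools abuse it. The packets are constructed inline by build_echo_request; the 64-byte size threshold is an assumption.

```python
"""Parse IPv4 + ICMP echo, verify checksums, and spot oversized echo payloads."""
import struct


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words (odd trailing byte zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Decode the IPv4 header. checksum_ok is reported rather than enforced so a
    malformed packet can still be examined during an investigation."""
    (vihl, _tos, total_len, _ident, _flags_frag, ttl, proto,
     _hcsum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = vihl >> 4, (vihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not an IPv4 header")
    return {
        "ttl": ttl,
        "protocol": proto,                   # 1 = ICMP
        "src": ".".join(map(str, src)),
        "dst": ".".join(map(str, dst)),
        "checksum_ok": internet_checksum(packet[:ihl]) == 0,   # a valid header sums to zero
        "payload": packet[ihl:total_len],
    }


def parse_icmp(payload: bytes) -> dict:
    """Decode the ICMP header; echo request/reply (types 8/0) also carry id, seq, data."""
    icmp_type, code, _csum = struct.unpack("!BBH", payload[:4])
    info = {"type": icmp_type, "code": code,
            "checksum_ok": internet_checksum(payload) == 0}   # ICMP checksum covers the whole message
    if icmp_type in (0, 8):
        ident, seq = struct.unpack("!HH", payload[4:8])
        info.update(id=ident, seq=seq, data=payload[8:])
    return info


def is_oversized_echo(icmp: dict, limit: int = 64) -> bool:
    """Echo payloads beyond what ping clients normally send (assumed limit; Linux
    ping uses 56 bytes, Windows 32) deserve a look as possible ICMP tunnelling."""
    return icmp["type"] in (0, 8) and len(icmp["data"]) > limit


def build_echo_request(src: str, dst: str, ident: int, seq: int, data: bytes, ttl: int = 64) -> bytes:
    """Assemble a ping the way a client would, so the parsers have realistic input."""
    icmp = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + data
    icmp = icmp[:2] + struct.pack("!H", internet_checksum(icmp)) + icmp[4:]
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0x1234, 0x4000, ttl, 1, 0,
                      bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    hdr = hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]
    return hdr + icmp


# Constructed packets: an ordinary 56-byte ping and one carrying a 1000-byte payload.
PING = build_echo_request("192.0.2.1", "192.0.2.2", 0x1A2B, 1, b"A" * 56)
TUNNEL = build_echo_request("192.0.2.1", "192.0.2.2", 0x1A2B, 2, b"B" * 1000)

if __name__ == "__main__":
    for pkt in (PING, TUNNEL):
        ip = parse_ipv4(pkt)
        icmp = parse_icmp(ip["payload"])
        print(ip["src"], "->", ip["dst"], "icmp type", icmp["type"],
              "seq", icmp["seq"], "data", len(icmp["data"]), "oversized", is_oversized_echo(icmp))
```

The IP header checksum covers only the header, so a corrupted or rewritten ICMP body leaves the IP check intact and fails only the ICMP one; checking both separately tells you which layer was touched.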
NIST CSF self-assessments
Introduction The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) provides guidance for organizations regarding how to better manage and reduce cybersecurity risk…
Ethical hacking: Top 6 techniques for attacking two-factor authentication
Introduction Two-factor authentication (2FA) has been renowned for some time now for the security it can bring to organizations. The combination of something you know, something you have and…