5 reasons to implement a self-doxxing program at your organization
Human beings are social animals, and most of us like to connect with others. In doing so, we tend to share personal data. In an age where that personal data
New Sudo flaw used to root on any standard Linux installation
A recent vulnerability tracked as CVE-2021-3156 in Sudo, a powerful utility used on any standard Linux installation, could allow unprivileged local users to gain root privileges on a vulnerable host.
What is homomorphic encryption?
Homomorphic encryption is a security technology that allows you to safely run and store your confidential data in cloud environments. As with most technologies, there are going to be some
6 most sophisticated phishing attacks of 2020
Any time there is a large disruption in our daily life, cybercriminals jump to the chance to engage in new forms of social engineering attacks. One of the most common
Man-in-the-middle attack: Real-life example and video walkthrough [Updated 2021]
Is your web browsing private, or is a man in the middle looking at everything you do? Learn what a man-in-the-middle (MITM) attack is, how to set up and execute
Cryptocurrency Enforcement Framework: Impacts on digital forensic investigations
Back in 2010, Laszlo Hanyecz bought two pizzas for 10,000 bitcoins. This was the first transaction using the novel technology based on a blockchain, cryptocurrency. As I write, a single
Understanding the tools/scripts you use in a Pentest
Earlier today a student shared with the infosec community that they failed their OSCP exam because they used a popular Linux enumeration tool called linPEAS. linPEAS is a well-known enumeration
Encryption and etcd: The key to securing Kubernetes
While it is easy to deploy containers, operationalizing these containers at scale — especially in concert with microservices and multiple cloud providers — requires careful planning. This is where an
What is a security champion? Definition, necessity and employee empowerment [Updated 2021]
A new kind of hero: Security champion In today’s world of malware, ransomware, hacking, phishing and other never-ending threats, the need for employee vigilance has never been greater. How does
Turla Crutch backdoor: analysis and recommendations
Crutch is a newly discovered backdoor from Turla advanced persistent threat (APT), a Russian-linked threat actor, used in a recent cyberattack against an country’s Ministry of Foreign Affairs. The attack
What’s New for April 2021
We’ve decided to try a new, “What’s New at OffSec” blog post series to share Offsec and cybersecurity industry-related news, interesting happenings, topics, thoughts and more. Admittedly inspired by Bungie’s
Uncovering and remediating malicious activity: From discovery to incident handling
Over the years, industry and government have realized that collective intelligence is needed to tackle cybersecurity threats. A recent alert from the Cybersecurity and Infrastructure Security Agency (CISA) — Alert
JavaScript obfuscator: Overview and technical overview
JavaScript has long been used as a method of hiding malicious payloads, especially via websites. A new development has seen this technology leveraged as a phishing email attack vector. When
Excel 4.0 malicious macro exploits: What you need to know
Excel 4.0 XLM macros have existed for more than three decades, but they have only recently gained popularity among attackers. Although Microsoft has long recommended VBA macros instead of XLM,
Mission-critical supply chain software: A growing operational priority
Security Magazine | Mission-critical supply chain software: A growing operational priority | 2021-04-01 | Security Magazine This website requires certain cookies to work and uses other cookies to help you
Malicious Excel attachments bypass security controls using .NET library
A recent threat group called Epic Manchego is using a new technique to create Excel files to bypass antivirus (AV) and and get low detection rates. By exploring how criminals
Volodya/BuggiCorp Windows exploit developer: What you need to know
Check Point researchers unveiled the identity of two authors responsible for zero-day attacks on Windows using a novel technique that allows them to recognize and identify malicious developers. According to
Insider threat report: Former Twitter employees charged with spying for Saudi Arabia
Spies within Twitter Insider threats are malicious threats to an organization that come from employees and other people working at that organization. This type of threat is particularly difficult to
AWS security and compliance overview
Amazon offers many solutions for ensuring your environment is secure and meets many industry standard compliance frameworks. By properly utilizing tools such as Cognito and Organizations, you will ensure your
Machine learning for social engineering
Social engineering is a form of communication that aims at gaining people’s trust at first and then prompting them to share sensitive information or do something the attacker would take
Cellular Networks and Mobile Security
Despite their seemingly endless coverage (your mileage will definitely vary), cellular network security has proven to be surprisingly robust over the years. There have been security issues over the years
Wi-Fi security
Wi-Fi is one of those things that has become so ubiquitous that it can be extremely easy to just forget to turn it off on your mobile device before you
Secure network protocols
For a very long time, having devices just work on a network was a feat in itself. This meant that the protocols involved didn’t necessarily need to be secure, they
Quantum cyberattacks: Preparing your organization for the unknown
Quantum computing days are coming Quantum computing has been a buzzword for several years. And while it’s still the early days, several industries have been showing progress, and 2020 brought
Trend Micro 2020 Annual Cybersecurity Report
Trend Micro – The global pandemic led to a dramatic transformation in the workforce. Organizations were tasked with the challenge of sustaining a year-round remote work setup and handling the
ATT&CK 2021 Roadmap
Amy L. RobertsonMar 16 · 9 min read A review of how we navigated 2020 and where we’re heading in 2021 With the monumental disruptions, challenges, and hybrid work environments
How CISOs can stay ahead of ransomware attacks
Trend Micro – Ransomware continues to hinder enterprises with targeted attacks using a myriad of techniques, including 2020’s most common approach of double extortion. Organizations need to stay alert and
An Introduction to asymmetric vs symmetric cryptography
Most people are aware of the basic idea behind cryptography — hiding a message with a code that can only be decoded by your intended recipient. However, this basic description
Top nine phishing simulators [updated 2021]
The title of this article was supposed to be “Top 9 Free Phishing Simulators.” However, after much searching, trying, visiting of broken links, filling out forms and signing up for
Most common MITRE ATT&CK tactics and techniques: CISA shares most common RVAs
Introduction CISA has released a list of Risk and Vulnerability Assessments, or RVAs, to the MITRE ATT&CK Framework and have released their findings to the public in a data-packed report.
Breaking misused stream ciphers
Encryption algorithms can be classified in a couple of different ways. A top-level distinction is between symmetric encryption algorithms (which use the same keys for encryption and decryption) and asymmetric
Entropy calculations
Entropy is a measure of the randomness in a system. The more random the system, the less predictable it is and the higher its entropy. Entropy and cryptanalysis Entropy is
Blockchain and hash functions
Hash functions are cryptographic algorithms designed to protect the integrity of data. Hash functions have a few useful properties, including: One-way: Hash functions are one-way functions, meaning that it is
The Broader Application of Pentesting Skills
Entering or advancing in an information security career requires an investment in training and certification. Whether you’re new to infosec or interested in transitioning from another industry, a few certifications
Blockchain and asymmetric cryptography
Blockchain technology makes it possible to solve business problems in ways that were previously impossible. A major enabler of this is the decentralization of the blockchain’s digital ledger. Blockchain’s decentralization
AWS APIs abuse: Watch out for these vulnerable APIs
In December 2020, Unit 42 researchers at Palo Alto Networks discovered a class of AWS application programming interfaces (APIs) that can be abused to enumerate sensitive information about a target’s
Attacking block creation
Blockchain is a relatively new technology that is achieving rapid adoption. It has a number of built-in protections and incentives designed to allow the decentralized network to maintain and secure
Decrypting SSL/TLS traffic with Wireshark [updated 2021]
The internet wasn’t designed to be secure from the start. Many protocols (such as HTTP and DNS) were designed to serve their purpose of conveying information over the network without
Dumping a complete database using SQL injection [updated 2021]
What is SQL injection? SQL Injection is a web-based attack used by hackers to steal sensitive information from organizations through web applications. It is one of the most common application
Highly skilled & well-funded: The new booming threat in cybercrime
Security Magazine | Highly skilled & well-funded: The new booming threat in cybercrime | 2021-03-01 | Security Magazine This website requires certain cookies to work and uses other cookies to
Key findings from ESG’s Modern Application Development Security report
A deep dive into security issues In August 2020, the Enterprise Strategy Group (ESG) published its report, “Modern Application Development Security.” ESG is a company specialized in IT-related research. It
CloudGoat walkthrough series: IAM privilege escalation by attachment
This is the fourth in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security Labs. It is used to
11 phishing email subject lines your employees need to recognize
By now, we’ve all probably received an enticing email from a long-lost relative promising untold riches and wealth. In fact, there might be a few sitting in your spam box
Phishing with Google Forms, Firebase and Docs: Detection and prevention
The COVID-19 pandemic spurred a massive shift toward telework as companies tried to both stay operational and safe. One of the biggest impacts of this shift was an increased reliance
What is blockchain?
What is Blockchain? Blockchain is built from layers rather than in one big piece. Cryptographic algorithms and data structures are part of the lowest layer of blockchain technology. Blockchain blocks
How to implement common logic constructs such as if/else/loops in x86 assembly
In the last few articles on x86 assembly, we discussed a variety of concepts which include x86 Instruction Set Architecture, x86 syntax types, data representation, commonly used x86 instructions, building
How to control the flow of a program in x86 assembly
x86 assembly language just like most other programming languages provides us with the ability to control the flow of the program using various instructions. This article provides an overview of
Mitigating MFA bypass attacks: 5 tips for developers
Introduction App developers have enough reasons to integrate multi-factor authentication (MFA) into their offerings. Passwords just don’t do the trick, as they’re vulnerable to brute force and can be stolen