Several months after the Heartbleed OpenSSL flaw made news as one of the most serious Internet security breaches ever, the open source community once again scrambled to patch another major security bug – Shellshock. Today Shellshock continues to be used by hackers to exploit vulnerabilities.
I’m anything but shocked. I […]
It sounds like the 90s sci-fi horror thriller, “Tremors”.
Unfortunately, today, it could easily be a headline from the recent space of distributed-denial-of-service attacks targeted at private, education, government, and corporate networks & computer systems.
According to Symantec’s recent whitepaper, titled ‘The Continued Rise of DDoS Attacks’, 60 percent of companies […]
What is Online Defamation /a.k.a. Cyber Libel/ and How it Pertains to some Contemporary Legal Systems
Preface: Balancing Freedom of Expression and Reputation Protection
The right to freedom of expression – is there a better way to begin this topic? What could be perceived as a written embodiment of one of the holy pillars of modern human rights also appears to be in an unspoken conflict […]
In this article we will learn about the latest NAT-PMP vulnerability being discovered, which will affect around 1.2 billion SOHO routers worldwide.
What is a SOHO network?
SOHO stands for small office/home office which is a type of LAN network being designed for very small networks. A SOHO network can be […]
In this article, we will look at cracking access points using WPA-PSK or WPA2-PSK using Wifite.
If you have used tools like airodump-ng, aircrack-ng etc to crack WPA access points before, you would know that the required thing to successfully crack a WPA-PSK network is a captured WPA four-way handshake. […]
In 2013, Imperva, a company providing information security products and services, published a study analyzing attack traffic against 60 web applications within the time period of January-March 2013. The study found that the sources of multiple attacks constitute a large percent of the total sources of attacks. For […]
If you’re a CTO or a network admin, you’ve probably memorized some of the basics of network security. Have lots of well-configured firewalls and IDS/IPS devices. Use switches instead of hubs. Make sure everyone uses complex passwords and make sure they don’t write them down anywhere. Have lots of […]
The rapid diffusion for the cloud computing paradigm and promised benefits for the adoption of cloud infrastructure are attracting a growing number of businesses and organizations.
Of course, it is essential for organizations to maximize the benefits of migration to cloud architecture by reducing costs and minimizing risks.
Cloud computing represents […]
In a scenario where a lot of users connect to a wireless network and where they occasionally lose their connections, an individual or a company can tweak the wireless router’s advanced settings to optimize the performance of users, and solve the problem of some users unable to obtain an […]
In recent weeks, security experts at Kaspersky Lab have observed several attacks on Automated Teller Machines (ATMs) which were infected by malware dubbed Tyupkin. Tyupkin is one of the most popular malwares used by criminals to compromise ATMs and force these machines to release cash on demand. Experts at […]
In this article we’re going to take a look at how to secure a WordPress installation against attackers in an IaaS virtual machine. Virtual machines can be rented with various IaaS cloud providers, and only a credit card is needed to actually rent a virtual machine, which is quite […]
When official details of the new features in Android 5.0 Lollipop were released last week, Android Smart Lock piqued my interest. It’s a lock screen controlling feature that uses Bluetooth connectivity between a user’s Android 5.0 devices to unlock phone, tablet, and smartphone screens when they’re within the broadcast […]
In this article we will learn about the how SSL has reaches its end with various vulnerabilities. This article will also cover the recent vulnerability discovered by Google researchers and is termed as a POODLE attack.IntroductionSecure Socket Layer (SSL) protocol was discovered to provide secure transmission between two parties. […]
In this article series, we will look at a tool named Wifite suitable for automated auditing of wireless networks. Most of you who have experience in wireless pentesting would use tools like airmon-ng, aireplay-ng, airodump-ng, aircrack-ng to crack wireless networks. This would involve a sequence of steps, like capturing […]
Android fans such as myself have been eagerly anticipating the upcoming new stable version of Android, 5.0 Lollipop.
Android 5.0 was introduced with the codename “Android L” at the Google I/O convention in June 2014. At the time, we didn’t know if “Android L” was going to be 4.5 or […]
In this article we will learn about a transition technology in networking known as Teredo tunneling. There are various transition technologies already in place such as 6to4, but because of some shortcoming of the existing technologies, Teredo was developed. Teredo has some security considerations which will be covered later […]
In October 2008, an assassination attempt against exiled former Pakistani Prime Minister Benazir Bhutto was carried out by al-Qaeda operatives in the form of a roadside bombing of her caravan. The first sign that an attack was about to occur, according to witnesses, was the sudden switching off of public streetlights […]
XXE (XML External Entity attack) is now increasingly being found and reported in major web applications such as Facebook, PayPal, etc. For instance, a quick look at the recent Bug Bounty vulnerabilities on these sites confirms this. Although XXE has been around for many years, it never really got […]
In the 3rd century BC, the Chinese Emperor Qin Shihuang attempted to destroy original Confucian texts and killed scholars who had knowledge in those texts. This event is known as “fénshū kēngrú” (in English: the burning of books and burying of scholars). At least since that time, the […]
The year is 2045. A 31-year-old woman is brought to the hospital complainingof headaches and fever. The doctors identify a species of equine encephalitis, a mosquito-borne virus, in her blood. In the first two decades of the 21st century, there was not a cure for this type of […]