Microsoft Windows provides a sleek API for cryptographic purposes. It is a generic interface for accessing cryptographic services provided by Microsoft Windows operating system.
CryptoAPI is meant to be used by developers of Windows-based applications that may alter users to form and exchange documents and alternative information in a very […]
sqlmap is an attack tool which can be effectively used to perform SQL injection attacks and post exploitation acts. It is a versatile tool when it comes to SQL injections. Most security professionals use sqlmap for SQL injection related pen tests.
sqlmap is a modular framework written in Python. It […]
In this article, we’ll learn about the concept of data loss prevention: why it is needed, what are the different types of DLP and its modes of operations, what is the planning and design strategy for DLP, what are the possible deployment scenarios, and what are workflow and best […]
Islamic State of Iraq and Syria (ISIS) a Global Threat: Analysis of the Effects on Cyberspace of the Iraqi Situation
What is ISIS and why it is menacing the world?
The Islamic State of Iraq and Syria and Islamic State of Iraq and al-Sham, also known as ISIS, is an unrecognized state and a Jihadist militant group operating in Iraq and Syria. The group claims religious authority over all Muslims […]
In this article, we will look at the techniques being used by Android developers to detect if a device on which the app is running is rooted or not. There are good number of advantages for an application in detecting if it is running on a rooted device or […]
“What I would really love to be able to do is to kill the password dead,” said White House cybersecurity coordinator Michael Daniel recently. A simple and understandable idea from the man often colloquially referred to as the cyber Czar. However, enabling that idea is just not that simple […]
Russia and Internet Freedom
The Russian government is increasing its pressure on social media. Many experts maintain that the population is suffering a serious online censorship. The analysts have noted a surge in the use of anonymous web surfing software like Tor. According to data proposed on the Tor Metrics […]
Someone once said, “the powers of hell feed on the best instincts in man.”
Take, for example, the case of Andrew Meldrum, who was recently convicted of three counts of unauthorized access to computer material and two counts of voyeurism– http://www.wired.co.uk/news/archive/2014-03/04/cyber-voyeur. It seems Mr. Meldrum installed spyware on at least […]
As the adoption of various forms of cloud models (i.e. public, private, and hybrid) in various industry verticals are increasing, the cloud buzzword is on a new high. However, customers still have doubts about the security areas and raise a common question: “How can I trust the cloud?” The […]
1. What is an E-mail Retention Policy?
Simply put, an e-mail retention policy/ERP is the process of keeping emails for compliance or business reasons. It differs from archiving (although these terms can be used interchangeably) in the fact that a retention policy decides when to dispose of redundant electronic messages, […]
DNS sinkhole or black hole DNS is used to spoof DNS servers to prevent resolving host names of specified URLs. This can be achieved by configuring the DNS forwarder to return a false IP address to a specific URL. DNS sinkholing can be used to prevent access of malicious […]
Microsoft provides an inbuilt API for debugging Windows executables. With the power of Win32 Debugging API, you can create a custom debugger according to your needs. You can handle breakpoints, create breakpoints, handle Dll loads and unloads, and more.
Windows Debugging API works in the basics of debugging events. On […]
In this article I am going to illustrate how NTP is vulnerable to attacks like replay-delay attacks, MITM, and a very recent attack termed as NTP DdoS (which is a kind of amplification attack used to flood the intended target with a response from the NTP server that can […]
We all know there have been (and still is) a lot of malware lurking around the Internet. It’s quite usual today that once the victims get infected, they call back to the command and control (C&C) server, which is controlled by the attacker. The attacker can then contact the […]
In this article, I’ll present whether it’s possible to get access to passwords lying around in memory by using a fully patched Linux x64 operating system. First, it’s not superfluous to emphasize that the distribution of the Linux operating system doesn’t matter, since the system is managing memory similarly […]
DMZ or DeMilitarized Zone is primarily used to separate the network into multiple blocks to enhance security. The name is derived from the same term used to define an area between two nations where military actions are prohibited.
When managing a network, we usually want to have some services or […]
During the last Christmas season, a phishing email with an executable named as greetings.exe was broadly sent, and when the email was executed, an image named ‘xmas’ was drawn on the screen. This has captured the eyes of many security analysts, as the firewall and other prevention measures were […]
The Current Situation
The fighting in Ukraine has escalated sharply since the elections on May 25th. President-elect Petro Poroshenko, backed by the European Union and US, ordered the national army to strengthen its eastern border with Russia and stop an influx of fighters.
The Ukraine offensive came after pro-Russian rebels had […]
So far, we have discussed techniques used in manipulation, the characteristics that social engineers possess, the cycle of social engineering, and the four main qualities that are abused in such attacks. Below, we will present an interesting classification of social engineering, present some more techniques, discuss why social engineering […]
In the first part of this article, we are going to discuss the psychology surrounding social engineering, and in particular, the four qualities that social engineers abuse and the manners in which they abuse them, the techniques that attackers use to manipulate their victims, the cycle of social […]