In the previous article, we discussed the common techniques of how application developers check for a rooted device and then how an attacker can bypass some of the techniques used by the developers. In this article, we will discuss different methods being used by Android developers to store data […]
Islamic State of Iraq and Syria (ISIS) a Global Threat: Analysis of the Effects on Cyberspace of the Iraqi Situation
What is ISIS and why it is menacing the world?
The Islamic State of Iraq and Syria and Islamic State of Iraq and al-Sham, also known as ISIS, is an unrecognized state and a Jihadist militant group operating in Iraq and Syria. The group claims religious authority over all Muslims […]
In this article, we will look at the techniques being used by Android developers to detect if a device on which the app is running is rooted or not. There are good number of advantages for an application in detecting if it is running on a rooted device or […]
“What I would really love to be able to do is to kill the password dead,” said White House cybersecurity coordinator Michael Daniel recently. A simple and understandable idea from the man often colloquially referred to as the cyber Czar. However, enabling that idea is just not that simple […]
Russia and Internet Freedom
The Russian government is increasing its pressure on social media. Many experts maintain that the population is suffering a serious online censorship. The analysts have noted a surge in the use of anonymous web surfing software like Tor. According to data proposed on the Tor Metrics […]
As the adoption of various forms of cloud models (i.e. public, private, and hybrid) in various industry verticals are increasing, the cloud buzzword is on a new high. However, customers still have doubts about the security areas and raise a common question: “How can I trust the cloud?” The […]
1. What is an E-mail Retention Policy?
Simply put, an e-mail retention policy/ERP is the process of keeping emails for compliance or business reasons. It differs from archiving (although these terms can be used interchangeably) in the fact that a retention policy decides when to dispose of redundant electronic messages, […]
DNS sinkhole or black hole DNS is used to spoof DNS servers to prevent resolving host names of specified URLs. This can be achieved by configuring the DNS forwarder to return a false IP address to a specific URL. DNS sinkholing can be used to prevent access of malicious […]
Microsoft provides an inbuilt API for debugging Windows executables. With the power of Win32 Debugging API, you can create a custom debugger according to your needs. You can handle breakpoints, create breakpoints, handle Dll loads and unloads, and more.
Windows Debugging API works in the basics of debugging events. On […]
Sometimes we come across situations when we are in need of doing something inside our debuggers or to extend the functionality of them. For such things, debuggers usually provide an API interface to extend or provide extra functionality for the debugger.
There are two types of API provided by the […]
Let’s face it, Information Security has about a bazillion possible questions at any given interview across a wide variety of possible topics. On top of that, InfoSec means a lot of different things to a lot of different people. For example, Information Security covers everyone from the guy at […]
In this article I am going to illustrate how NTP is vulnerable to attacks like replay-delay attacks, MITM, and a very recent attack termed as NTP DdoS (which is a kind of amplification attack used to flood the intended target with a response from the NTP server that can […]
We all know there have been (and still is) a lot of malware lurking around the Internet. It’s quite usual today that once the victims get infected, they call back to the command and control (C&C) server, which is controlled by the attacker. The attacker can then contact the […]
In this article, I’ll present whether it’s possible to get access to passwords lying around in memory by using a fully patched Linux x64 operating system. First, it’s not superfluous to emphasize that the distribution of the Linux operating system doesn’t matter, since the system is managing memory similarly […]
For those of us in the information technology field, there are two reasons why we should understand operating system fingerprinting.
The first reason is to better design and implement security controls in networks and local machines.
The second reason is that effective OS fingerprinting is a vital penetration testing skill.
If an […]
DMZ or DeMilitarized Zone is primarily used to separate the network into multiple blocks to enhance security. The name is derived from the same term used to define an area between two nations where military actions are prohibited.
When managing a network, we usually want to have some services or […]
During the last Christmas season, a phishing email with an executable named as greetings.exe was broadly sent, and when the email was executed, an image named ‘xmas’ was drawn on the screen. This has captured the eyes of many security analysts, as the firewall and other prevention measures were […]
The Current Situation
The fighting in Ukraine has escalated sharply since the elections on May 25th. President-elect Petro Poroshenko, backed by the European Union and US, ordered the national army to strengthen its eastern border with Russia and stop an influx of fighters.
The Ukraine offensive came after pro-Russian rebels had […]
So far, we have discussed techniques used in manipulation, the characteristics that social engineers possess, the cycle of social engineering, and the four main qualities that are abused in such attacks. Below, we will present an interesting classification of social engineering, present some more techniques, discuss why social engineering […]
In the first part of this article, we are going to discuss the psychology surrounding social engineering, and in particular, the four qualities that social engineers abuse and the manners in which they abuse them, the techniques that attackers use to manipulate their victims, the cycle of social […]