Topics - Infosec Resources

General Security

1,382 Articles

General Security November 23, 2020 Patrick Mallory

2020: The year’s biggest hacks and cyberattacks

General Security October 29, 2020 Dan Virgillito

Key findings from the 2020 Netwrix IT Trends report

Hacking

631 Articles

Hacking October 28, 2020 Kurt Ellzey

Fake Image Detection

Hacking September 30, 2020 Jatin Jain

Copy-paste compromises

Security Awareness

372 Articles

Security Awareness November 10, 2020 Tyra Appleby

55 federal and state regulations that require employee security awareness and training

Security Awareness October 27, 2020 Daniel Dimov

Business email compromise (BEC) scams level up: How to spot the most sophisticated BEC attacks

Application Security

294 Articles

Application Security October 19, 2020 Graeme Messina

Open-source application security flaws: What you should know and how to spot them

Application Security August 4, 2020 Ajay Yadav

Network Design: Firewall, IDS/IPS

Penetration Testing

275 Articles

Penetration Testing October 13, 2020 Pedro Tavares

Using Merlin agents to evade detection

Penetration Testing September 26, 2020 Satyam Singh

Important SQLMap commands

Phishing

227 Articles

Phishing November 17, 2020 Susan Morrow

Phishing attack timeline: 21 hours from target to detection

Phishing November 2, 2020 Greg Belding

Overview of phishing techniques: Brand impersonation

Digital Forensics

195 Articles

Computer Forensics is one of the hottest subject areas in our articles, mini-courses, and forensics boot camps. If you or your organization needs classroom or online computer forensics training, call an account representative at 877-471-0059.

Digital Forensics August 29, 2019 Alec Waters

Eyesight to the Blind – SSL Decryption for Network Monitoring [Updated 2019]

Digital Forensics August 21, 2019 Dejan Lukan

Gentoo Hardening: Part 4: PaX, RBAC and ClamAV [Updated 2019]

Malware Analysis

189 Articles

Malware Analysis November 11, 2020 Chris Sienko

Nworm malware: What it is, how it works and how to prevent it | Malware spotlight

Malware Analysis November 4, 2020 Pedro Tavares

MalLocker Android ransomware: What it is, how it works and how to prevent it | Malware spotlight

Reverse Engineering

155 Articles

Reverse Engineering September 4, 2019 Soufiane Tahiri

Reverse Engineering Obfuscated Assemblies [Updated 2019]

Reverse Engineering August 31, 2019 Dejan Lukan

Crack Me Challenge Part 4 [Updated 2019]

Capture the Flag

150 Articles

Capture the Flag November 23, 2020 LetsPen Test

Photographer 1: VulnHub CTF walkthrough, part 2

Capture the Flag November 19, 2020 LetsPen Test

My CMSMS 1: VulnHub CTF walkthrough

Exploit Development

106 Articles

Exploit Development September 26, 2020 Dejan Lukan

PDF File Format: Basic Structure [updated 2020]

Exploit Development August 24, 2020 Daniel Brecht

FBI, DHS & CISA report summarizes top 10 exploited vulnerabilities

Other

79 Articles

Other February 23, 2016 aurelius

Categorizing the Types of GNU/Linux users

Other October 12, 2015 Infosec

Career Opportunities at Stroz Freidberg

News

61 Articles

News November 17, 2020 Sam Fay

Cybersecurity Weekly: Hackers for hire, DNS cache poisoning, The North Face attacked

News November 10, 2020 Sam Fay

Cybersecurity Weekly: Apple patches, job offer phishing, Cisco zero-day

Secure Coding

58 Articles

Secure Coding October 28, 2020 Srinivas

How To Exploit Improper Error Handling

Secure Coding October 27, 2020 Srinivas

Improper Error Handling Exploitation Case Study

Healthcare Information Security

56 Articles

Healthcare Information Security September 9, 2020 Susan Morrow

Look! Another Blog Post

Healthcare Information Security May 1, 2020 Susan Morrow

Top Cyber Security Risks in Healthcare [Updated 2020]

Cloud

52 Articles

Cloud November 16, 2020 Mosimilolu Odusanya

Malicious Amazon Machine Images (AMIs)

Cloud November 5, 2020 Daniel Brecht

Key findings from Ponemon’s State of Vulnerability Management in the Cloud and On-Premises report

Securing Windows 10 Hosts

51 Articles

Securing Windows 10 Hosts August 27, 2020 Kurt Ellzey

How to audit Windows 10 security logs

Securing Windows 10 Hosts August 26, 2020 Kurt Ellzey

How to audit Windows 10 system logs

Management, Compliance & Auditing

49 Articles

Management, Compliance & Auditing September 21, 2020 Susan Morrow

NY SHIELD Act: Security awareness and training requirements for New York businesses

Management, Compliance & Auditing May 20, 2020 Susan Morrow

Critical security concerns for the financial services industry

Threat Hunting

47 Articles

Threat Hunting August 13, 2019 Lester Obbayi

Threat hunting with Kolide and osquery

Threat Hunting July 31, 2019 Lester Obbayi

Threat hunting with osquery

MITRE ATT&CK™

46 Articles

MITRE ATT&CK™ November 11, 2020 Howard Poston

7 Steps of the MITRE ATT&CK®-based Analytics Development Method

MITRE ATT&CK™ November 11, 2020 Howard Poston

Using MITRE ATT&CK®-based analytics for threat detection: 5 principles

Industrial Control Systems and Operational Technology

36 Articles

Industrial Control Systems and Operational Technology September 9, 2020 Pierluigi Paganini

BPCS & SIS

Industrial Control Systems and Operational Technology August 31, 2020 Dimitar Kostadinov

Security Technologies for ICS/SCADA environments

Network traffic analysis for incident response

34 Articles

Network traffic analysis for incident response October 5, 2020 Nitesh Malviya

Firewalls and IDS/IPS

Network traffic analysis for incident response April 7, 2020 Fakhar Imam

Network traffic analysis for IR: Data exfiltration

Ethical Hacking

30 Articles

Ethical Hacking September 30, 2020 Pedro Tavares

Fuzzing introduction: Definition, types and tools for cybersecurity pros

Ethical Hacking September 23, 2020 Howard Poston

Top 7 cybersecurity books for ethical hackers in 2020

Cryptography

29 Articles

Cryptography October 13, 2020 Jatin Jain

The ultimate guide to encryption key management

Cryptography July 7, 2020 Susan Morrow

Security risks of outdated encryption: Is your data really secure?

Incident Response

27 Articles

Incident Response June 9, 2020 Christine McKenzie

Digital forensics and incident response: Is it the career for you?

Incident Response November 29, 2018 Graeme Messina

Top 30 Incident Responder Interview Questions and Answers for 2019

Data Recovery

24 Articles

Data Recovery February 4, 2018 Warlock

File Carving

Data Recovery January 2, 2018 Infosec

Average VMware Certified Professional Salary (VCP6) in 2018

Wireless Security

21 Articles

Wireless Security September 3, 2019 Dan Virgillito

Acceptable Use Policy (AUP) Template For Public WiFi Networks [Updated 2019]

Wireless Security August 23, 2019 Alexander Polyakov

SAP Mobile Infrastructure Security [Updated 2019]

Business Email Compromise

18 Articles

Business Email Compromise November 2, 2020 Rodika Tollefson

BEC attacks: A business risk your insurance company is unlikely to cover

Business Email Compromise August 3, 2018 Jeff Peters

The $9 billion BEC threat you can’t ignore

Blockchain Security

18 Articles

Blockchain Security October 14, 2020 Howard Poston

Second-Layer Protocols

Blockchain Security October 14, 2020 Howard Poston

Alternative Distributed Ledger Architectures

Applied Cryptography and Cryptanalysis

17 Articles

Applied Cryptography and Cryptanalysis October 20, 2020 Dimitar Kostadinov

Case Studies in Poor Password Management

Applied Cryptography and Cryptanalysis October 8, 2020 Dan Virgillito

Principles of Cryptography

IT Certifications

14 Articles

IT Certifications November 23, 2015 Infosec

CISSP Domain #1 Cheat Sheet: Security and Risk Management

IT Certifications May 28, 2015 Infosec

CISSP Domains: 2015 Update

Networking

14 Articles

Networking September 30, 2020 Susan Morrow

Average CCNA salary 2020

Networking August 3, 2020 Dan Virgillito

RTS Threshold Configuration for Improved Wireless Network Performance [Updated 2020]

Insider Threat

13 Articles

Insider Threat September 23, 2020 Susan Morrow

8 of the world’s biggest insider threat security incidents

Insider Threat November 30, 2018 Susan Morrow

Top 5 Ways to Identify and Address Insider Threats

NIST CSF

11 Articles

NIST CSF February 25, 2020 Fakhar Imam

NIST CSF: Cybersecurity basics — Foundation of CSF

NIST CSF February 19, 2020 Greg Belding

NIST CSF: Implementing NIST CSF

Virtualization Security

11 Articles

Virtualization Security March 26, 2019 Youness Zougar

Virtual Machine Introspection in Malware Analysis – Use Case

Virtualization Security February 7, 2019 Greg Belding

VCP 6.5 Certification & Exam

Professional Development

10 Articles

Professional Development November 3, 2020 Beth Osborne

Key findings from “The Life and Times of Cybersecurity Professionals 2020”

Professional Development October 9, 2020 Infosec

Learning x86 disassembly gives you the “keys to the kingdom,” says Infosec Skills author Stephanie Domas

Web Server Security

9 Articles

Web Server Security May 4, 2020 Lester Obbayi

Web server protection: Web server security monitoring

Web Server Security April 28, 2020 Lester Obbayi

Web server security: Active defense

SCADA/ ICS Security

9 Articles

SCADA/ ICS Security January 24, 2017 Jim Acord

Advice to a New SCADA Engineer

SCADA/ ICS Security February 1, 2015 Infosec

SCADA Interview Questions

Risk Management

7 Articles

Risk Management September 1, 2020 Greg Belding

Why your security risk management program should include legacy systems

Risk Management November 29, 2018 Pedro Tavares

Best Practices for Conducting a Risk-Based Internal Audit

DoD 8570

7 Articles

DoD 8570 October 26, 2020 Greg Belding

Introduction to the DoD Cyber Workforce Framework (DCWF)

DoD 8570 September 23, 2020 Susan Morrow

DoD 8570 IAT Certification and Requirements [Updated 2020]

Network Security (101)

7 Articles

Network Security (101) September 24, 2020 Nitesh Malviya

IPv4 and IPv6 Overview

Network Security (101) September 23, 2020 Nitesh Malviya

The OSI Model and TCP/IP Model

Cybersecurity Data Science

6 Articles

Cybersecurity Data Science October 20, 2020 Dimitar Kostadinov

Deanonymizing Tor using ML

Cybersecurity Data Science September 21, 2020 Kurt Ellzey

Deepfake

DNS

5 Articles

DNS September 14, 2020 Howard Poston

DNS security best practices: Preventing DNS hijacking, poisoning and redirection

DNS August 3, 2020 Pedro Tavares

Bypassing security products via DNS data exfiltration

Management, Compliance & Auditing

5 Articles

Management, Compliance & Auditing November 17, 2020 Christine McKenzie

The small business owner’s guide to cybersecurity

Management, Compliance & Auditing November 12, 2020 Susan Morrow

First Safe Harbor, then Privacy Shield: What EU-US data-sharing agreement is next?

The Ultimate Guide to Internet of Things (IoT) Security Fundamentals

5 Articles

The Ultimate Guide to Internet of Things (IoT) Security Fundamentals September 24, 2020 Dimitar Kostadinov

IoT Security Fundamentals: IoT vs OT (Operational Technology)

The Ultimate Guide to Internet of Things (IoT) Security Fundamentals September 22, 2020 Dimitar Kostadinov

IoT Security Fundamentals: Intercepting and Manipulating Wireless Communications

Cyber Range

5 Articles

Cyber Range November 23, 2020 Graeme Messina

Scalability & elasticity: Technical considerations when selecting a cyber range

Cyber Range November 19, 2020 Graeme Messina

How to safely test new technologies and tools in a cyber range

NICE Framework

5 Articles

NICE Framework October 22, 2020 Daniel Brecht

How to use the NICE Cybersecurity Workforce Framework to plan career progression: A practitioners’ guide

NICE Framework September 14, 2020 Kurt Ellzey

52 NICE Cybersecurity Workforce Framework work roles: What you need to know

Pentesting Certifications

4 Articles

Pentesting Certifications April 27, 2020 Susan Morrow

The business value of the CompTIA PenTest+ employee certification

Pentesting Certifications July 7, 2019 Ravi Das (writer/revisions editor)

10 Best Practices for Mobile App Penetration Testing

Cyberwarfare

3 Articles

Cyberwarfare April 16, 2019 Dan Virgillito

Cyberwarfare security solutions for large enterprises

Cyberwarfare March 6, 2019 Pedro Tavares

How to Protect Files With Canary Tokens

Project Management

3 Articles

Project Management July 27, 2017 Olusegun Ogunsina

What You Need to Know When Prepping for the PMP

Project Management April 27, 2017 Chiragh Dewan

SonarQube: A Hidden Gem

Vulnerabilities

2 Articles

Vulnerabilities November 10, 2020 Greg Belding

Malicious Docker images: How to detect vulnerabilities and mitigate risk

Vulnerabilities November 3, 2020 Dan Virgillito

Apache Guacamole Remote Desktop Protocol (RDP) vulnerabilities: What you need to know

Conferences and Events

2 Articles

Conferences and Events September 16, 2020 Dan Virgillito

6 Windows event log IDs to monitor now

Conferences and Events March 18, 2019 Camille Dupuis

Conferences

Data Breach

1 Articles

Data Breach November 9, 2020 Susan Morrow

Data breach vs. data misuse: Reducing business risk with good data tracking

Web App Penetration Testing

1 Articles

Web App Penetration Testing August 20, 2015 Rorot

Web Application Penetration Testing Methodology eBook