Password security: Using Active Directory password policy
Learn how to implement password security policies using Active Directory in this walkthrough from Infosec Skills author Mike Meyers.
Topics
How to crack a password: Demo and video walkthrough
Infosec Skills author Mike Meyers shows just how easy it is to use a brute-force attack or a password dictionary attack to crack a password.
Inside Equifax’s massive breach: Demo of the exploit
The Equifax data breach affected nearly half of the U.S. population. In this episode of Cyber Work Applied, see how the attack actually happened.
5 ways to prevent APT ransomware attacks
APT groups are behind recent ransomware campaigns. Learn five ways you can prevent your organization from becoming the next victim.
Celebrate Data Privacy Week: Free privacy and security awareness resources
Practice data privacy year-round with these free resources for Data Privacy Week! Learn about data privacy best practices, data privacy careers and more.
Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
How VetsInTech helped a career Army medic achieve his goal of becoming a cybersecurity professional and his advice for other veterans
7 top security certifications you should have in 2023
Earning a cybersecurity certification can help you stand out and get hired. Find out which certs are most in-demand in 2023.
How Zoom is being exploited for phishing attacks
Learn how easy it is to create a Zoom phishing email in this episode of Cyber Work Applied with Infosec Principal Security Researcher Keatron Evans.
11 phishing email subject lines your employees need to recognize [Updated 2022]
53% of organizations reported a phishing-related breach. Here are the top phishing email subject lines your employees should be able to recognize.
Top 7 tools for intelligence-gathering purposes
Experts can often collect significant artifacts related to the authors behind the analyzed scenarios during cybersecurity exercises, including details such...
iOS forensics
Day by day, smartphones and tablets are becoming ever more popular, and as a result, the technology used in development to add new features or improve the security...
Federal privacy and cybersecurity enforcement — an overview
Learn a quick overview of the federal government’s privacy and cybersecurity laws.
U.S. privacy and cybersecurity laws — an overview
Learn how federal and state privacy laws intersect with cybersecurity and how to comply without being overwhelmed.
Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
An ex-employee leaks a Yandex source code repository, malware campaign infects over 4,500 WordPress sites and the new SwiftSlicer wiper tool. Catch all this...
PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
Credential stuffing attack exposes data of 35,000 PayPal accounts, Chinese hackers exploit Fortinet VPN vulnerability as 0-day and the new Android Hook malware....
Kali Linux: Top 8 tools for reverse engineering
These Kali Linux tools are great for offensive and defensive cybersecurity.
Stacks and Heap
Memory is a crucial resource for any system when conducting reverse engineering. Malware analysts must understand the way memory is assigned to a program.
During...
How to use Nmap and other network scanners
Learn how to use free network scanning tools like Nmap, Zenmap and Advanced Port Scanner in this episode of Cyber Work Applied.
Security engineers: The top 13 cybersecurity tools you should know
Security engineers utilize a range of tools to prevent cyber threats. These are the top 13 tools security engineering industry leaders are using now.
Dark Web hacking tools: Phishing kits, exploits, DDoS for hire and more
The demand for dark web hacking tools has reached all-time highs across the cybercriminal ecosystem during the COVID-19 pandemic.
Double extortion ransomware: Pay now or get breached
Ransomware has become a lot more sophisticated recently, and learning more about it is important to stay safe in case it happens to you.
How does hashing work: Examples and video walkthrough
What is password hashing? Infosec Skills author Mike Meyers explains how a hash works and demonstrates common hashing use cases.
How does encryption work? Examples and video walkthrough
Infosec Skills author Mike Meyers provides an easy-to-understand walkthrough of cryptography.
Data storage security isn’t working: Here are 5 ways to improve
Data storage and backup systems are far more insecure than other IT systems, research says. Here are five ways to improve their security.
Protect your data with zero-trust networks
83% of former employees retain access to one or more of your company's accounts. It's past time to use a zero-trust network to ensure your data stays safe.
Security risks of cloud migration
An overview of cloud migration projects and the considerations for migrating applications to the cloud.
DevSecOps in the Azure Cloud
Explore how organizations operating in the Microsoft Azure cloud can use a vendor-prescribed architecture and dedicated security tools to adopt a DevSecOps process.
Certifications compared: Linux+ vs RHCSA/RHCE [2022 update]
Find out which certifications are best to validate your knowledge and skills working in open-source environments.
Android security: Everything you need to know [Updated 2021]
Android devices have a host of security risks, but updates are helping to mitigate them.
How will zero trust change the incident response process?
Find out how Zero Trust security affects the incident response process.
How to build a proactive incident response plan
The average cost of a data breach is now $4.24 million. A proactive incident response plan is crucial to help organizations mitigate that risk.
Digium Phones Under Attack and how web shells can be really dangerous
Learn about the dangers web shells have on Digium phones.
vSingle is abusing GitHub to communicate with the C2 server
Lazarus' advanced persistent threat (APT) operations use malware specially crafted for attacking financial institutions, espionage, and disruptive purposes.
Securing operational technology: Safeguard infrastructure from cyberattack
How do we guard operational technology against cyberattacks? Tune in as Francis Cianfrocca, Insight Cyber Group CEO, & Chris Sienko dissect this very issue.
Operation technology sees rise in targeted remote access Trojans and ransomware
Operation technology (OT) is one of the most overlooked segments of the IT sector that attack groups target.
Genetic testing “hottest” new form of health insurance fraud, FBI warns
The FBI is finding more and more cases of health insurance fraud. Learn more about it.
Healthcare data security issues: Best security practices for virtual healthcare sessions
With more telehealth and related digital mechanisms to deliver health, healthcare data security standards are more important than ever.
Executing the Sandworm APT: Lab and walkthrough
Learn the techniques the Sandworm APT hacking group used to compromise, pivot from and destroy a server. Then try to do it yourself.
Using persistence to maintain a foothold: Example and walkthrough
Learn how threat actors use MITRE ATT&CK® persistence techniques to maintain a foothold in an environment. Then try the techniques yourself.
Compromise assessment or threat hunting? What do organizations need?
Compromise assessment and threat hunting are two rising techniques of implementing network security. Figure out what your organization needs.
Deception technologies: 4 tools to help you identify threats and mitigate risks
Deception technologies have come a long way from the days when honeypots were used to analyze attacker behavior. Today’s deception tools contain advanced...
AI and machine learning career paths, trends and job prospects
Learn about the job prospects for artificial intelligence and how to prepare for a career in it.
Will a Digital Bill of Rights solve machine learning and privacy issues?
Will the Digital Bill of Rights fix the machine learning algorithm and privacy conundrum?
Capture: Improve IoT firmware security with new firmware architecture
In this article, we shall discuss what Capture is and discuss how its application can benefit both IoT device owners and IoT device vendors.
Smart Toys and Their Cybersecurity Risks: Are Our Toys Becoming a Sci-Fi Nightmare? [updated 2021]
As smart toys get more advanced, they bring more cybersecurity risk with them.
Decentralized identifiers (DIDs) and blockchain: The silver bullet for online privacy?
Learn more about decentralized identifiers and the role they play in keeping your privacy and data intact.
Cryptocurrency Enforcement Framework: Impacts on digital forensic investigations
A new Cryptocurrency Enforcement Framework was recently released. Learn how it may impact cryptocurrency, cybersecurity and digital forensics investigations.
NIST first responder guidance: Balancing mobile security with response time
The NIST 1800-13 standard describes how public safety first responder organizations can improve access to sensitive data without compromising security
Critical software security guidance issued by NIST
Explore the five best practices in cybersecurity risk mitigation for all organizations based on NIST's Security Measures for EO-Critical Software Use.
Infosec Skills August Challenge
Join the quest for new skills, bragging rights and over $1,000 in prizes. Each month, we’ll release a brand new challenge. Can you complete it?
ICS cyber ranges: Hands-on training for industrial control system security teams
Incident response has been a pillar of cybersecurity for decades. But plans to account for the unique risks surrounding the specialized command and control...