Topics - Infosec Resources

General security

General security January 12, 2021 Patrick Mallory

Analysts predict CEOs will be personally liable for security incidents. Should they be?

As more of our world becomes interconnected and reliant on computer systems to function, the risks from cyberattacks have increased. From public utilities,...

General security January 11, 2021 Graeme Messina

PCAP Analysis Basics with Wireshark [Updated 2021]

Wireshark is a very useful tool for information security professionals and is thought of by many as the de facto standard in network packet and protocol analysis....

Hacking

663 Articles

Hacking January 11, 2021 Pavitra Shankdhar

20 Popular Wireless Hacking Tools [Updated for 2021]

Last year, I wrote an article covering popular wireless hacking tools to crack or recover password of wireless network. We added 13 tools in that article which...

Hacking January 10, 2021 Dan Virgillito

How to Hack Android Devices Using the StageFright Vulnerability [Updated 2021]

In July 2015, mobile-security firm Zimperium declared it discovered a high-severity vulnerability inside the Android operating system. The critical flaw exists...

Security awareness

381 Articles

Security awareness January 12, 2021 Christine McKenzie

Fake online shopping websites: 6 ways to identify a fraudulent shopping website

Once upon a time, the only way to get your shopping done was at a brick-and-mortar store. In terms of crime, shoppers may have been worried about muggers and...

Security awareness January 11, 2021 Rupesh Hankare

All About Carding (For Noobs Only) [Updated 2021]

The Article writer's intent is to spread awareness about the carding. The writer is not responsible if any damage occurs. This is for educational purpose...

Application Security

297 Articles

Application Security January 11, 2021 Pavitra Shankdhar

Best Free and Open Source SQL Injection Tools [Updated 2021]

SQL injection is one of the most common attacks against web applications. This is used against websites which use SQL to query data from the database server....

Application Security January 6, 2021 Howard Poston

Pysa 101: Overview of Facebook’s open-source Python code analysis tool

Pyre is a performance type-checker created by Facebook for the Python programming language. It is designed to rapidly identify type errors within Python applications. The...

Penetration testing

279 Articles

Penetration testing January 11, 2021 Howard Poston

The Top 5 Pentesting Tools You Will Ever Need [updated 2021]

A penetration test or “pen test” is a human-driven assessment of an organization’s security. One or more pen testers will be engaged by an organization...

Penetration testing October 13, 2020 Pedro Tavares

Using Merlin agents to evade detection

While penetration testing and Red Teaming are crucial to check a system’s security and to validate potential entry-points in the infrastructure, sometimes...

Phishing

228 Articles

Phishing December 29, 2020 Kurt Ellzey

Phishing domain lawsuits and the Computer Fraud and Abuse Act

The worlds of trademark law and marketing seem to be constantly at odds with each other, occasionally collapsing into a court of law where they battle for...

Phishing December 18, 2020 Greg Belding

Phishing: Reputational damages

When phishing and damages are thought of in the same sentence, the typical thoughts of many are the loss of data due to theft, identity theft and ultimately...

Digital forensics

197 Articles

Computer Forensics is one of the hottest subject areas in our articles, mini-courses, and forensics boot camps. If you or your organization needs classroom or online computer forensics training, call an account representative at 877-471-0059.

Digital forensics January 8, 2021 Howard Poston

Popular Computer Forensics Top 19 Tools [updated 2021]

Computers are a vital source of forensic evidence for a growing number of crimes. While cybercrime has been growing steadily in recent years, even traditional...

Digital forensics January 6, 2021 Howard Poston

7 Best Computer Forensics Tools [Updated 2021]

Computer forensics deals with the collection of evidence from digital media, such as desktops, mobile devices, cloud computing and IoT devices. This evidence...

Malware analysis

197 Articles

Malware analysis January 13, 2021 Pedro Tavares

RegretLocker ransomware: What it is, how it works and how to prevent it | Malware spotlight

In October 2020, a new piece of data encryption malware made the headlines. RegretLocker is novel ransomware that can bypass the long encryption times required...

Malware analysis January 6, 2021 Pedro Tavares

Lazarus’s VHD ransomware: What it is, how it works and how to prevent it | Malware spotlight

Data encryption malware is one of the most popular malware families in recent years and targets mass volumes of users and companies around the world. In this...

Capture the Flag

161 Articles

Capture the Flag January 14, 2021 Security Ninja

Hack the Box (HTB) machine walkthrough series: Vault

Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named...

Capture the Flag January 11, 2021 Security Ninja

Hack the Box (HTB) machines walkthrough series — Fuse

Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named...

Reverse engineering

155 Articles

Reverse engineering January 10, 2021 Irfan Shakeel

Top 8 Reverse Engineering Tools for Cyber Security Professionals [Updated 2021]

Whether it is rebuilding a car engine or diagramming a sentence, people can learn about many things simply by taking them apart and putting them back together...

Reverse engineering September 4, 2019 Soufiane Tahiri

Reverse Engineering Obfuscated Assemblies [Updated 2019]

In previous articles that talked about .NET reverse engineering, we covered almost every aspect of reversing .NET assemblies, we explained how this kind of...

Exploit development

106 Articles

Exploit development September 26, 2020 Dejan Lukan

PDF File Format: Basic Structure [updated 2020]

We all know that there are a number of attacks where an attacker includes some shellcode in a PDF document. This shellcode uses some kind of vulnerability...

Exploit development August 24, 2020 Daniel Brecht

FBI, DHS & CISA report summarizes top 10 exploited vulnerabilities

According to the Cybersecurity and Infrastructure Security Agency (CISA), foreign cyber actors often exploit software vulnerabilities that have been already...

Secure coding

83 Articles

Secure coding December 22, 2020 Srinivas

Email-Based Attacks With Python: Phishing, Email Bombing and More

The ability to send emails using an automated software tool such a python script can be useful in performing mass email based phishing attacks. This article...

Secure coding December 22, 2020 Srinivas

Attacking Web Applications With Python: Recommended Tools

Python is a powerful scripting language and it is used in developing several real world tools that are heavily used by security professionals. This article...

Other

81 Articles

Other April 27, 2017 Chiragh Dewan

SonarQube: A Hidden Gem

SonarQube is an open source quality management software that analyzes and measures the technical quality of project portfolio to a method which essentially...

Other February 23, 2016 aurelius

Categorizing the Types of GNU/Linux users

I have been a GNU/Linux user for almost seven years now, and I have been using GNU/Linux since college. In fact, during my college years, I was the only Linux...

News

66 Articles

News January 4, 2021 Sam Fay

Cybersecurity Weekly: Paypal phishing texts, Facebook ad phishing, T-Mobile data breach

PayPal phishing texts state users accounts are limited. Facebook ads are being used to steal 615,000+ credentials in a phishing campaign. T-Mobile disclosed...

News December 30, 2020 Sam Fay

Cybersecurity Weekly: Ledger account leak, SUPERNOVA malware, Citrix NetScaler attacks

Physical addresses of 270,000 Ledger owners were leaked on a hacker forum. A new SolarWinds flaw likely let hackers install SUPERNOVA malware. Attackers are abusing Citrix NetScaler devices to launch amplified DDoS attacks. All this, and more, in this week’s edition of Cybersecurity Weekly....

Cloud

57 Articles

Cloud December 16, 2020 Mosimilolu Odusanya

CloudGoat walkthrough series: Lambda Privilege Escalation

This is the third in our walkthrough series of CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...

Cloud December 14, 2020 Gilad Maayan

Information security strategy for the hybrid and multi-cloud

Cloud computing is omnipresent, and most organizations are opting for a model that combines several types of cloud infrastructure: private and public cloud...

Securing Windows 10 hosts

53 Articles

Securing Windows 10 hosts December 14, 2020 Kurt Ellzey

How to Use Windows 10 Action Center and Security & Maintenance App for Hardening

When you hear someone mention "Action Center" in regards to security, you may picture a team of specialists running through a facility- trying to get to their...

Securing Windows 10 hosts December 14, 2020 Kurt Ellzey

Data Security in Windows 10: NTFS Permissions (Standard)

"I don't have anything to hide." "What about your credit card numbers?" "Well yeah, okay but…" "Bank account number? Social Security Number? Social Media...

Management, compliance & auditing

49 Articles

Management, compliance & auditing January 4, 2021 Infosec

Average Chief Security Officer Salary [Updated 2021]

The role of a chief security officer is one that combines management with a deep understanding of information technology and data protection. A chief security...

Management, compliance & auditing September 21, 2020 Susan Morrow

NY SHIELD Act: Security awareness and training requirements for New York businesses

The world of data protection and privacy regulations has brought us many laws and acts. The most commonly cited are the EU’s General Data Protection Regulation...

Threat hunting

48 Articles

Threat hunting January 14, 2021 Beth Osborne

FBI releases Rana Intelligence Computing indicators of compromise (IOCs)

The FBI’s Cyber Division recently disclosed that Iran’s intelligence agency is employing nation-state actors and a front company, Rana Intelligence Computing,...

Threat hunting August 13, 2019 Lester Obbayi

Threat hunting with Kolide and osquery

In this article, we’ll discuss how we can use Kolide Fleet for threat-hunting purposes. This article is not intended to be an introductory piece, but rather...

MITRE ATT&CK™

47 Articles

MITRE ATT&CK™ November 11, 2020 Howard Poston

7 Steps of the MITRE ATT&CK®-based Analytics Development Method

The MITRE ATT&CK-based analytics development method is a process of using red and blue team engagements to develop and improve the analytics used to detect...

MITRE ATT&CK™ November 11, 2020 Howard Poston

How to Use MITRE ATT&CK® to Map Defenses and Understand Gaps

The MITRE ATT&CK® framework is a useful way to standardize cybersecurity terminology and provides a framework for organizations to plan and evaluate...

Healthcare information security

41 Articles

Healthcare information security May 1, 2020 Susan Morrow

Top Cyber Security Risks in Healthcare [Updated 2020]

The healthcare industry is a prime target for cybercriminals. Stolen protected health information (PHI) is worth hundreds, even thousands of dollars on the...

Healthcare information security August 28, 2018 Beth Osborne

The Most Vulnerable and Hackable Medical Devices

The Internet of Things (IoT) adds convenience and capabilities in both personal and professional applications. Smart device usage in the medical field...

Industrial control systems and operational technology

36 Articles

Industrial control systems and operational technology September 9, 2020 Pierluigi Paganini

BPCS & SIS

Cybersecurity in the process industries is a growing concern due to the increasing number of cyber attacks against industrial control systems (ICS) and the...

Industrial control systems and operational technology August 31, 2020 Dimitar Kostadinov

Security Technologies for ICS/SCADA environments

Generally speaking, security is not a priority in the context of industrial control systems (ICSs) and Supervisory Control And Data Acquisition (SCADA) environments....

Network traffic analysis for incident response

34 Articles

Network traffic analysis for incident response October 5, 2020 Nitesh Malviya

Firewalls and IDS/IPS

A typical corporate network makes use of a number of networking devices and mechanisms for preventing various attacks and maintaining the security of their...

Network traffic analysis for incident response April 7, 2020 Fakhar Imam

Network traffic analysis for IR: Data exfiltration

Understanding network behavior is a prerequisite for developing effective incident detection and response capabilities. ESG research has found that 87 percent...

Cryptography

31 Articles

Cryptography November 23, 2020 Nitesh Malviya

The Advanced Encryption Standard (AES)

Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data...

Cryptography October 13, 2020 Jatin Jain

The ultimate guide to encryption key management

In cryptography, a key is a very important piece of information used to combine with an algorithm (a cipher) to transform plaintext into ciphertext (encryption). The...

Applied cryptography and cryptanalysis

30 Articles

Applied cryptography and cryptanalysis January 5, 2021 Srinivas

Cryptography Errors

Many organizations make use of cryptography for securing their applications. A large portion of banking applications rely on some sort of cryptography. When...

Applied cryptography and cryptanalysis December 16, 2020 Nitesh Malviya

Block Ciphers

Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data...

Professional development

27 Articles

Professional development January 15, 2021 Shreya Verma

Infosec Skills author teaches people-process-technology approach for “secure software development”

"Technology is as good as the processes implemented around it, and processes are as good as the people who execute them, so never stop learning, "John said....

Professional development January 15, 2021 Brian Ruddock

Infosec Skills author Joseph South found “love at first sight” in cybersecurity

"I'm not teaching you different theories of how you would penetrate a network based on some book written by someone that hasn't done it in 10 years," he said. "I'm teaching you things that I did last week at work that are working." ...

Incident response

27 Articles

Incident response June 9, 2020 Christine McKenzie

Digital forensics and incident response: Is it the career for you?

When many of us think of detective work, we conjure up images of trench-coated detectives chasing bad guys down darkened alleyways or poring over black-and-white...

Incident response November 29, 2018 Graeme Messina

Top 30 Incident Responder Interview Questions and Answers for 2019

As systems move into the cloud and are increasingly exposed to the Internet, incident responders are becoming more necessary in the corporate world. If you...

Data recovery

24 Articles

Data recovery February 4, 2018 Warlock

File Carving

File carving is a process used in computer forensics to extract data from a disk drive or other storage device without the assistance of the file system that...

Data recovery January 2, 2018 Infosec

Average VMware Certified Professional Salary (VCP6) in 2018

The Cloud phenomenon is taking the world by storm (pun unintended)! Cloud and virtualization technology is becoming increasingly popular with both large and...

Network Security

21 Articles

Network Security December 15, 2020 Nitesh Malviya

Email Security

We all know Email is the widely used communication medium at least in the corporate world. In fact, Email existed before the World Wide Web and other modes...

Network Security November 24, 2020 Dimitar Kostadinov

Data Integrity and Backups

Data integrity means that a given data set is accurate, complete, consistent, unchanged (original or a true copy) and trustworthy throughout its entire lifecycle,...

Wireless security

21 Articles

Wireless security September 3, 2019 Dan Virgillito

Acceptable Use Policy (AUP) Template For Public WiFi Networks [Updated 2019]

Acceptable Use Policies (AUPs) are an essential component to all organizations, companies, and other establishments offering Internet or Intranet access. According...

Wireless security August 23, 2019 Alexander Polyakov

SAP Mobile Infrastructure Security [Updated 2019]

SAP, like any other large vendor, is evolving towards greater mobility and providing access to its applications from different devices located anywhere in the...

Blockchain security

20 Articles

Blockchain security December 16, 2020 Nitesh Malviya

What are Smart Contracts?

Let’s understand what Smart Contracts are using a simple example. Consider the purchase of cookies from a vending machine. The one who wants to buy the...

Blockchain security December 16, 2020 Nitesh Malviya

Introduction to Blockchain Consensus Algorithms

A blockchain is a record of digital transactions. It is a distributed software network which can function both as a digital ledger and as a mechanism allowing...

Business email compromise

18 Articles

Business email compromise November 2, 2020 Rodika Tollefson

BEC attacks: A business risk your insurance company is unlikely to cover

Business email compromise (BEC) attacks can cost an organization millions of dollars, and the threat is growing as more business activity takes place online....

Business email compromise August 3, 2018 Jeff Peters

The $9 billion BEC threat you can’t ignore

Business email compromise (BEC) attacks are expected to cost businesses $9 billion by the end of 2018, according to Trend Micro estimates. In this discussion...

Virtualization security

16 Articles

Virtualization security January 7, 2021 Pedro Tavares

Installing and Configuring CentOS 8 on Virtualbox [updated 2021]

Unix-based operating systems are ruling the webserver OS market. According to data from W3techs, in 2017 Unix servers were used by 66.5% of all the websites,...

Virtualization security March 26, 2019 Youness Zougar

Virtual Machine Introspection in Malware Analysis – Use Case

To determine the behavior of a piece of malware, we will develop a script (based on LibVMI functions) that will allow us to trace the Kernel APIs executed by...

IT certifications

15 Articles

IT certifications March 27, 2020 Jeff Peters

Which CompTIA cert is right for you: PenTest+, CySA+ or CASP+?

There's never been a better time to be a cybersecurity professional, but with so many potential career paths, what skills should you focus on learning?...

IT certifications November 23, 2015 Infosec

CISSP Domain #1 Cheat Sheet: Security and Risk Management

Our new Cheat Sheet on the first domain of the CISSP, "Security and Risk Management," covers all the major focus areas you need to know for the exam! Our...

Insider threat

13 Articles

Insider threat September 23, 2020 Susan Morrow

8 of the world’s biggest insider threat security incidents

If you work in security or are just interested in the general area of cybersecurity you will no doubt have heard of the dreaded insider threat. In the context...

Insider threat November 30, 2018 Susan Morrow

Top 5 Ways to Identify and Address Insider Threats

A recent report commissioned by CA Technologies threw up some very interesting and alarming data about the threats that an insider can pose to an organization....

NIST Cyber Security Framework

11 Articles

NIST Cyber Security Framework February 25, 2020 Fakhar Imam

NIST CSF: Cybersecurity basics — Foundation of CSF

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is all about the security of critical Infrastructure. NIST SP 800-30,...

NIST Cyber Security Framework February 19, 2020 Greg Belding

NIST CSF: Implementing NIST CSF

The National Institute of Standards and Technology’s Cybersecurity Framework, or NIST CSF, was first published in 2014 to provide voluntary guidance for...

Web server security

10 Articles

Web server security December 23, 2020 Kurt Ellzey

Top 6 JavaScript plugin security risks

If you're on the web for more than about two hours, there's a good chance that you'll hear someone use the word “analytics.” This does not necessarily...

Web server security May 4, 2020 Lester Obbayi

Web server protection: Web server security monitoring

Web server security is important in ensuring the correct operation of your websites. It allows you to identify vulnerabilities and any other security issues...

SCADA/ ICS Security

9 Articles

SCADA/ ICS Security January 24, 2017 Jim Acord

Advice to a New SCADA Engineer

As I have come in contact with those new to industrial control systems – whether they be supervisor control and data acquisition (SCADA) systems, building...

SCADA/ ICS Security February 1, 2015 Infosec

SCADA Interview Questions

SCADA (supervisory control and data acquisition) is a type of software application and hardware control that defines the way data and real-time processing is...

Vulnerabilities

8 Articles

Vulnerabilities January 4, 2021 Beth Osborne

Software vulnerability patching best practices: Patch everything, even if vendors downplay risks

Software vulnerability continues to be a challenging cybersecurity risk. Cybercriminals are able to seize on these vulnerabilities and breach systems. The...

Vulnerabilities December 29, 2020 Greg Belding

What is a vulnerability disclosure policy (VDP)?

The vulnerability disclosure policy, or VDP, may be a term that you have heard thrown around at work, in an elevator, at an event and not knowing what it...

Cybersecurity data science

8 Articles

Cybersecurity data science December 15, 2020 Kurt Ellzey

Generating Text Using ML

Most of us have that one TV show that we want to see just one more episode of. Just one more reunion or reboot or movie to finish off a storyline that wasn't...

Cybersecurity data science December 14, 2020 Kurt Ellzey

Setting Up a Virtual Lab for Cybersecurity Data Science

"Giant Rabbit uses Carrot Smash. You take 9999 damage. Game over." "Aww! All right, this time I’ll get it for sure." "Do you want to reload your...

Cyber ranges

8 Articles

Cyber ranges January 13, 2021 Patrick Mallory

What types of attack scenarios can you simulate in a cyber range?

Just as in any other endeavor, practice makes perfect, and the same goes for preparing for cyberattacks. For organizations looking to take their preparations...

Cyber ranges December 15, 2020 Graeme Messina

How are virtual labs and cyber range simulations different?

Cybersecurity training is one of the most important ways that IT professionals can validate their skills and learn new ones too. It not only teaches valuable...

Risk management

7 Articles

Risk management September 1, 2020 Greg Belding

Why your security risk management program should include legacy systems

The aim of business is to be profitable — and as we all know, investing in new systems, devices, and technology costs money that may otherwise be logged...

Risk management November 29, 2018 Pedro Tavares

Best Practices for Conducting a Risk-Based Internal Audit

Over the last few years, cyber-crimes have grown in number and in the ways cybercriminals exploit them. Due to this, the need to manage risks has been recognized...

DoD 8570

7 Articles

DoD 8570 October 26, 2020 Greg Belding

Introduction to the DoD Cyber Workforce Framework (DCWF)

In response to the ever-changing world, including the increased focus on cyberspace as a theater of war, the US Department of Defense (DoD) decided that it...

DoD 8570 September 23, 2020 Susan Morrow

DoD 8570 IAT Certification and Requirements [Updated 2020]

The US Department of Defense (DoD) hosts a number of directives that set out the requirements of their workforce. DoD 8570, titled “Information Assurance...

Management, compliance & auditing

7 Articles

Management, compliance & auditing December 23, 2020 Gilad Maayan

Comparing endpoint security: EPP vs. EDR vs. XDR

Endpoint detection and response is a type of security solution that provides real-time visibility into endpoint activities by monitoring and recording endpoint...

Management, compliance & auditing December 21, 2020 Karen Walsh

5 changes the CPRA makes to the CCPA that you need to know

On election day 2020, Californians did more than vote for a president. They also passed the California Privacy Rights Act (CPRA), which clarified the California...

NICE Framework

7 Articles

NICE Framework January 14, 2021 Ian Palmer

Close Your Skills Gap: Putting the NICE Workforce Framework for Cybersecurity to Work

If you’re looking for a blueprint that classifies, manages and explains cybersecurity work, the National Initiative for Cybersecurity Education (NICE) has...

NICE Framework December 30, 2020 Greg Belding

What is the difference between the NICE Framework and DoDD 8140/8570?

For those looking into government work, or for those just plain interested in the different cybersecurity frameworks out there, have probably encountered...

DNS

5 Articles

DNS September 14, 2020 Howard Poston

DNS security best practices: Preventing DNS hijacking, poisoning and redirection

The Domain Name System (DNS) is one of the fundamental protocols of the Internet. It provides a lookup service that converts domain names (like google.com)...

DNS August 3, 2020 Pedro Tavares

Bypassing security products via DNS data exfiltration

Criminals are using different strategies to compromise computer networks, infrastructures and organizations. Cyber incidents have increased in number and complexity...

The ultimate guide to internet of things (IoT) security fundamentals

5 Articles

The ultimate guide to internet of things (IoT) security fundamentals September 24, 2020 Dimitar Kostadinov

IoT Security Fundamentals: IoT vs OT (Operational Technology)

Introduction: Knowing the Notions Industrial Internet of Things (IIoT) incorporates technologies such as machine learning, machine-to-machine (M2M) communication,...

The ultimate guide to internet of things (IoT) security fundamentals September 22, 2020 Dimitar Kostadinov

IoT Security Fundamentals: Intercepting and Manipulating Wireless Communications

Introduction: IoT Manufacturers Favor Convenience over Security Because IoT security is still an afterthought, cybercriminals in general consider smart devices...

Pentesting certifications

4 Articles

Pentesting certifications April 27, 2020 Susan Morrow

The business value of the CompTIA PenTest+ employee certification

Vulnerabilities in our technology-enabled systems and services are the Achilles heel of our extended IT networks. In 2019, CVE Details recorded 16,556 such...

Pentesting certifications July 7, 2019 Ravi Das (writer/revisions editor)

10 Best Practices for Mobile App Penetration Testing

Penetration testing is one of the best ways to thoroughly check your defense perimeters for security weaknesses. Pentesting can be used across the entire spectrum...

Threat modeling

4 Articles

Threat modeling January 11, 2021 Howard Poston

Threat modeling: Technical walkthrough and tutorial

Threat modeling is an exercise designed to help an organization identify potential threats and cybersecurity risks within their organization and systems....

Threat modeling December 22, 2020 Howard Poston

Role and purpose of threat modeling in software development

Threat modeling is an exercise designed to identify the potential cybersecurity threats and attack surface of an application. By working through the threat...

Cyberwarfare

3 Articles

Cyberwarfare April 16, 2019 Dan Virgillito

Cyberwarfare security solutions for large enterprises

The impact of cyberwarfare on political organizations and critical infrastructure vendors is well-documented. What is considerably less discussed, however,...

Cyberwarfare March 6, 2019 Pedro Tavares

How to Protect Files With Canary Tokens

We are living in a world where terms such as data breach, vulnerability and cyberattack have been headlines. The number of vulnerabilities doesn't stop growing...

Conferences and events

2 Articles

Conferences and events September 16, 2020 Dan Virgillito

6 Windows event log IDs to monitor now

It’s possible to use Windows 10 event logs to detect intrusions and malicious activity, but some knowledge of critical IDs is mandatory to avoid over-collection...

Conferences and events March 18, 2019 Camille Dupuis

Conferences

Listed below are the in-person events Infosec will be at this year. November 3-5, 2019 | Chicago, IL November 18-20, 2019 | Phoenix, AZ December 9-10, 2019...

CCNA

2 Articles

CCNA September 30, 2020 Susan Morrow

Average CCNA salary 2020

The CCNA (Cisco Certified Network Associate) is one of the most well-known entry-level certifications within the IT industry. Holding this credential proves...

CCNA March 18, 2019 Adeolu Owokade

CCNA versus CCNP Difficulty

For anyone starting a new project, the wise thing to do is to “count the cost.” This also holds true for those just starting out in their Cisco (or networking-related)...

IoT Security

2 Articles

IoT Security February 17, 2018 Sumit Bhattacharya

The Top Ten IoT Vulnerabilities

Kevin Ashton coined the phrase the "Internet of Things" (also known as "IoT") back in 1999. This term represented the concept of a massive system where everyday...

IoT Security November 30, 2017 Irfan Shakeel

How IoT is Raising Cybersecurity Concerns

The world of information technology is moving towards a new trend called the Internet of Things, or IoT for short. Thus, there is a considerable drive to connect...

Data breach

1 Articles

Data breach November 9, 2020 Susan Morrow

Data breach vs. data misuse: Reducing business risk with good data tracking

Imagine this, and let’s face it, this isn't too hard: your personal data, including financial information, has been stolen in a major data breach. You’d...

Web app penetration testing

1 Articles

Web app penetration testing August 20, 2015 Rorot

Web Application Penetration Testing Methodology eBook

34 Page eBook This comprehensive eBook dives deep into Penetration Testing Methodology, covering Security in the SDLC, Information Gathering, Vulnerability...