Mobile emulator farms: What are they and how they work
Mobile emulator farms have been used to steal millions of dollars.
Topics
Explore Python for MITRE ATT&CK execution
Python can help a penetration tester gain execution on a target system. Find out how Python can be used as part of a phishing campaign and more.
Explore Python for MITRE ATT&CK initial access
Gaining initial access to a target environment provides many opportunities for using Python scripts.
SOCs spend nearly a quarter of their time on email security
Email security is still a high risk for companies, but there are things you can do to mitigate it.
Security awareness manager: Is it the career for you?
Learn all about the role of a security awareness manager and find out a career in security awareness is a good fit for you.
Securing the Kubernetes cluster
Explore common security best practices to ensure that your Kubernetes cluster is properly secured.
How to run a software composition analysis tool
Learn the pros and cons of software composition analysis (SCA) and how it can help protect your application from attacks.
Phishing attacks doubled last year, according to Anti-Phishing Working Group
This article will recap findings from the 2020 fourth quarter edition of the APWG Phishing Activity Trends Report.
The Phish Scale: How NIST is quantifying employee phishing risk
The NIST Phish Scale is a useful tool for quantifying phishing risk for your employees.
Partnering to close the cyber skills gap: 6 questions with Coursera
Six questions with Dr. Betty Vandenbosch, Chief Content Officer at Coursera, on closing the cybersecurity skills gap through industry partnerships.
Women in cybersecurity: Building diversity, accessibility and stronger teams
Women are still underrepresented in cybersecurity roles, but there are ways to pursue change and take action.
Email forensics: desktop-based clients
Emails are the most commonly used technology for exchanging messages between people/business using electronic media. With every technology, there comes a risk.This...
What is a Honey Pot? [updated 2021]
Honeypots are special programs that are written for one purpose: to be exploited. Honeypots emulate the appearance of a vulnerability so that attackers, viruses...
WPWN: 1 VulnHub capture the flag walkthrough
This easy capture the flag exercise from VulnHub provides a good hands-on experience.
M87 1: VulnHub Capture the flag walkthrough
This VulnHub capture the flag (CTF) challenge is a great resource for those looking to learn hacking skills and practice them in a safe environment.
Why data classification is important for security
Malicious actors want your data, but not all data is created equal. That's why data classification is a crucial step when it comes to data security.
Compliance management: Things you should know
Compliance management is important to ensure it's easier to adhere to policies. It can protect your organization and customers.
Stacks and Heap
Memory is a crucial resource for any system when conducting reverse engineering. Malware analysts must understand the way memory is assigned to a program.
During...
Top 8 reverse engineering tools for cyber security professionals [updated 2021]
Whether it is rebuilding a car engine or diagramming a sentence, people can learn about many things simply by taking them apart and putting them back together...
Introduction to Secure Software Development Life Cycle
Learn all about the Secure Software Development Life Cycle.
How to implement common logic constructs such as if/else/loops in x86 assembly
X86 is an assembly language. It is also backward compatible. It is said to be compatible with systems going back 1972. Object codes can be created by x86...
Securing voice communications
Whether you're using Skype, Zoom or a custom-built system, securing voice communications is an important component of security.
What is endpoint protection and security?
As technology evolves, so has endpoint security. Learn how to answer what is the endpoint — and how to secure it.
Cybersecurity Weekly: Largest ever password dump, DoJ recovers ransom, Chrome bugs
The largest password collection ever was leaked online with 8.4 billion entries. The U.S. DoJ recovers more than half of the ransom paid by Colonial Pipeline. A Chrome browser bug is under active attack. All this, and more, in this week’s edition of Cybersecurity Weekly.
Cybersecurity Weekly: DOJ prioritizes ransomware, CODESYS flaws, Realtek bugs
The U.S. gives ransomware hacks a similar priority as terrorism. Ten critical flaws were found in the CODESYS industrial automation software. Researchers warn of critical bugs affecting the Realtek Wi-Fi module. All this, and more, in this week’s edition of Cybersecurity Weekly.
Dependency confusion: Compromising the supply chain
Public packages can be exploited and replaced with malicious ones at even the largest companies like Apple and more.
BendyBear: A shellcode attack used for cyberespionage
BendyBear malware has proven to be one of the most dangerous, and a threat to countries across the world.
Structures of cryptography
Cryptography is an important way to keep data safe. Learn about cryptography features and how cryptography works.
Role of digital signatures in asymmetric cryptography
Digital signatures are used for verification and authentication. See the steps to create a digital signature — and their applications.
Sparrow.ps1: Free Azure/Microsoft 365 incident response tool
Sparrow is a powerful tool used for detecting malicious activities in Azure and Microsoft Office 365.
Uncovering and remediating malicious activity: From discovery to incident handling
Need a “cybersecurity playbook” for incident response? A recent CISA alert used threat intel from five counties to create this best practice guide.
AWS security and compliance overview
Amazon offers many solutions for ensuring your environment is secure and meets many industry standard compliance frameworks. By properly utilizing tools such...
CloudGoat walkthrough series: IAM privilege escalation by attachment
This is the fourth in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
Android security: Everything you need to know [Updated 2021]
Android devices have a host of security risks, but updates are helping to mitigate them.
Application sideloading in Windows 10
Windows 10 security is a constantly evolving and update process. Data security in Windows 10 starts with a high encryption, using BitLocker. Access is restricted...
ICS/SCADA threats and threat actors
Industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems play a critical role in critical infrastructure and industrial...
Incident response and recovery best practices for industrial control systems
In collaboration with the North American Electric Reliability Corporation (NERC), the Federal Energy Regulatory Commission (FERC) developed a 2020 Cyber Planning...
Analysis of ransomware used in recent cyberattacks on health care institutions
In recent years, there has been a steady increase in the number of ransomware attacks on healthcare institutions. The pressure such institutions experienced...
Top Cyber Security Risks in Healthcare [Updated 2020]
The healthcare industry is a prime target for cybercriminals. Stolen protected health information (PHI) is worth hundreds, even thousands of dollars on the...
Whitespace obfuscation: PHP malware, web shells and steganography
How to deal with whitespace obfuscation and what to be aware of.
New Sudo flaw used to root on any standard Linux installation
Vulnerability tracked as CVE-2021-3156 in Sudo, could allow unprivileged local users to gain root privileges on a vulnerable host
Most common MITRE ATT&CK tactics and techniques: CISA shares most common RVAs
CISA has released a list of Risk and Vulnerability Assessments, or RVAs, to the MITRE ATT&CK Framework and have released their findings to the public...
Using MITRE ATT&CK with cyber threat intelligence
MITRE ATT&CK® is a framework. It’s designed as a store of knowledge about the possible ways that cyber attackers might create a plan or execute that...
Deception technologies: 4 tools to help you identify threats and mitigate risks
Deception technologies have come a long way from the days when honeypots were used to analyze attacker behavior. Today’s deception tools contain advanced...
Threat hunting with Kolide and osquery
In this article, we’ll discuss how we can use Kolide Fleet for threat-hunting purposes. This article is not intended to be an introductory piece, but rather...
Smart Toys and Their Cybersecurity Risks: Are Our Toys Becoming a Sci-Fi Nightmare? [updated 2021]
As smart toys get more advanced, they bring more cybersecurity risk with them.
Japan’s IoT scanning project looks for vulnerable IoT devices
The Internet of Things (IoT) is still a baby compared to other computing technologies, but the market has already exploded and continues to expand at a healthy...
Cryptocurrency Enforcement Framework: Impacts on digital forensic investigations
A new Cryptocurrency Enforcement Framework was recently released. Learn how it may impact cryptocurrency, cybersecurity and digital forensics investigations.
Blockchain and hash functions
Hash functions are cryptographic algorithms designed to protect the integrity of data. Hash functions have a few useful properties, including:
One-way:...
Engineering a Twitter spearphishing bot from machine learning
Spearphishing on Twitter has proven to be dangerous and effective through the use of machine learning and bots.
Machine learning for social engineering
Social engineering is a form of communication that aims at gaining people’s trust at first and then prompting them to share sensitive information or do something...
Insider threat report: Tesla employee thwarts $1 million bribery attempt
Tesla’s near insider threat situation response is a good model to follow if faced with a similar situation.
Insider threat report: Former Twitter employees charged with spying for Saudi Arabia
Insider threats are malicious threats to an organization that come from employees and other people working at that organization. This type of threat is particularly...
ICS cyber ranges: Hands-on training for industrial control system security teams
Incident response has been a pillar of cybersecurity for decades. But plans to account for the unique risks surrounding the specialized command and control...
Purple team cyber ranges: Hands-on training for red and blue teams
Businesses are always adapting and innovating when it comes to cybersecurity. While the use of layered defenses and red and blue teams used to be enough, many...
Applying NIST Cybersecurity Framework to positioning, navigation and timing systems
A NIST framework for secure positioning, navigation and timing can improve security.
NIST CSF: Cybersecurity basics — Foundation of CSF
The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is all about the security of critical Infrastructure. NIST SP 800-30,...
PenTest+: DoDD 8570 overview
In November 2020, the US Department of Defense (DoD) has selected CompTIA PenTest+ as an approved certification for military personnel and defense contractors...
Introduction to the DoD Cyber Workforce Framework (DCWF)
In response to the ever-changing world, including the increased focus on cyberspace as a theater of war, the US Department of Defense (DoD) decided that it...
Two ways to build a cybersecurity team using the NICE Framework
Using the NICE Framework for Cybersecurity will help you structure your team against cyberthreats.
Close Your Skills Gap: Putting the NICE Workforce Framework for Cybersecurity to Work
If you’re looking for a blueprint that classifies, manages and explains cybersecurity work, the National Initiative for Cybersecurity Education (NICE) has...