Introduction Whether your organization is tired of being held back by the cybersecurity workforce skills gap or your management team has watched the worst that a cyberattack could do to a peer organization, the time has come to do something about it. One of the best decisions your organization can make is to explore how [β¦]
The post How to pick the best cyber range for your cybersecurity training needs and budget appeared first on Infosec Resources.
Introduction If youβre sending instant messages at work, chances are youβre using Slack, the business-oriented analog of WhatsApp or Discord. Slack currently boasts over 12 million users worldwide, and as more businesses turn to remote or hybrid work environments, that number is only expected to grow. But Slackβs popularity raises a very important question: exactly [β¦]
The post Monitoring business communication tools like Slack for data infiltration risks appeared first on Infosec Resources.
The Lyceum/Hexane Cybercrime Group Lyceum and Hexane are two industry designations for an APT group that was discovered in August 2019 and was operating without detection for at least a year and possibly since April 2018. The Lyceum/Hexane APT focuses their attacks on companies within the oil, gas and telecommunications industries operating in the Middle [β¦]
The post Inside the Lyceum/Hexane malware appeared first on Infosec Resources.
Introduction There is a myth that good security solutions are necessarily expensive, but the truth is that there are many options, not only at low cost, but even excellent free tools that can be employed to protect most businesses. A good example of this is OWASPβs list of free for Open Source Application Security Tools, [β¦]
The post Are open-source security tools secure? Weighing the pros and cons appeared first on Infosec Resources.
Introduction When it comes to cyberthreats, it is not a matter of if, but when an organization is going to be targeted by cybercriminals. Will you and your organization be ready? Fortunately, the real thing does not have to be the first time that you or your team has their skills put to the test. [β¦]
The post What is a cyber range? appeared first on Infosec Resources.
Introduction The Microsoft Azure Fundamentals (AZ-900) certification exam is a great way for someone new to the field of cloud computing to demonstrate knowledge, interest and experience to current or potential employers. In this article, we will offer an overview of Microsoft Azureβs most popular certification β the Microsoft Certified Azure Fundamentals certification. We will [β¦]
The post Microsoft Azure Fundamentals (AZ-900) Domains Overview appeared first on Infosec Resources.
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is the first half of an HTB machine named Cascade. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve [β¦]
The post Hack the Box (HTB) machines walkthrough series β Cascade (Part 1) appeared first on Infosec Resources.
Introduction The global COVID-19 pandemic has forced individuals and organizations to adopt new ways of doing daily tasks, from working to learning. It has also accelerated the journey to the cloud for many organizations; for others, it has made them more reliant on the cloud. With that move comes a demand for professionals with cloud [β¦]
The post Microsoft Azure Certification: Overview And Career Path appeared first on Infosec Resources.
Introduction In modern networks, security is not an afterthought. You need to know how to build secure networks from the outset. Security has to be woven into the very fabric of the network.Β The 200-301 CCNA exam covers security fundamentals among a broad range of networking topics. This article describes what you need to know [β¦]
The post CCNA certification prep: Security fundamentals appeared first on Infosec Resources.
Introduction In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by AndrΓ© Henrique. Per the description given by the author, you must βHelp Morpheus to leave the Matrix and return to Zion.β To do so, we have to find and read two flags (user and [β¦]
The post ZION: 1.2 β VulnHub CTF walkthrough (part 1) appeared first on Infosec Resources.
Introduction It has been said that a picture is worth a thousand words. In the world of malware, a picture is worth an infection β in other words, a picture can actually be the malware (ransomware, specifically in this case) that initially infects the compromised machine. This malware is called Tycoon and it uses an [β¦]
The post Tycoon malware: What it is, how it works and how to prevent it | Malware spotlight appeared first on Infosec Resources.
Introduction to dark web phishing kits The internet is like an iceberg: there is a lot more to it than can be seen from the surface. In addition to the surface web (what can be accessed and indexed by search engines), there is the deep web (gated content on internet-connected computers) and the darknet or [β¦]
The post Cybercrime at scale: Dissecting a dark web phishing kit appeared first on Infosec Resources.
Introduction The CCNP, or Cisco Certified Network Professional, is a certification endorsing IT professionals who have the knowhow and skill to set up, configure and manage local and wide-area networks within an enterprise. CCNP certification takes you through video, voice, wireless and advanced security issues. Since the training module and examinations for the CCNP certification [β¦]
The post Average CCNP salary 2020 appeared first on Infosec Resources.
What percentage of the exam focuses on network fundamentals? The network fundamentals section is 20% of the CCNA 200-301βs topics. Itβs neither the largest nor the smallest. The fact that the percentage increased from 15% in the previous version indicates that Cisco has emphasized the importance of having a strong base in this topic, on [β¦]
The post CCNA certification prep: Network fundamentals [updated 2020] appeared first on Infosec Resources.
Introduction The CCNA (Cisco Certified Network Associate) is one of the most well-known entry-level certifications within the IT industry. Holding this credential proves your ability to install, configure, manage and support small- to medium-sized networks.Β A study by CompTIA found that 47% of SMBs see the IT skills gap growing. This IT skills gap is [β¦]
The post Average CCNA salary 2020 appeared first on Infosec Resources.
Introduction Cybersecurity in the process industries is a growing concern due to the increasing number of cyber attacks against industrial control systems (ICS) and the presence of a large number of legacy devices that are not designed to be resilient to modern threats.Β In many industrial environments there are a heavy presence of legacy systems. [β¦]
The post BPCS & SIS appeared first on Infosec Resources.
Introduction In order to keep your AWS environment secure while allowing your users to properly utilize resources, you must ensure that users are correctly created with proper permissions. Also, you must monitor your environment to ensure that unauthorized access does not occur and accounts are up to date. User Account Creation and Management AWS IAM [β¦]
The post AWS User Management appeared first on Infosec Resources.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have [β¦]
The post Browser Forensics: Google Chrome appeared first on Infosec Resources.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have [β¦]
The post Browser Forensics: Firefox appeared first on Infosec Resources.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have [β¦]
The post Browser Forensics: IE 11 appeared first on Infosec Resources.
Introduction To understand Network Security, itβs imperative that we understand networking fundamentals and networking basics. In this post, we will be learning about networking basics and fundamentals to get started with Network Security.Β We cannot cover whole networking in a single post so we will be focusing only on core networking concepts needed for network [β¦]
The post Networking fundamentals (for Network security professionals) appeared first on Infosec Resources.
Introduction Wireless networks have become an inherent part of our life and we all use wireless networks in some form in our day to day life. Of all the utilities provided by wireless networks, we use wireless networks widely for connecting to the internet. We connect to the internet wirelessly either by router or using [β¦]
The post Wireless Networks and Security appeared first on Infosec Resources.
Introduction This article provides an overview of how printing functions work and how format strings are used to format the data being printed. Developers often use print functions for a variety of reasons such as displaying data to the users and printing debug messages. While these print functions appear to be innocent, they can cause [β¦]
The post Introduction to Printing and Format Strings appeared first on Infosec Resources.
Introduction In the previous article, we understood how print functions like printf work. This article provides further definition of Format String vulnerabilities. We will begin by discussing how Format Strings can be used in an unusual way, which is a starting point to understanding Format String exploits. Next, we will understand what kind of mistakes [β¦]
The post Format String Vulnerabilities: Use and Definitions appeared first on Infosec Resources.
Introduction In the previous articles, we discussed printing functions, format strings and format string vulnerabilities. This article provides an overview of how Format String vulnerabilities can be exploited. In this article, we will begin by solving a simple challenge to leak a secret from memory. In the next article, we will discuss another example, where [β¦]
The post How to exploit Format String Vulnerabilities appeared first on Infosec Resources.
Copy-paste compromises: Introduction and overview Although the concept of copy-paste compromises is not exactly new, there are now several different forms of the attack. In the version of copy-paste compromise that weβll discuss today, malicious actors use open-source or publicly available exploit code, web shells and other tools to gain information. Recently, Australia has revealed [β¦]
The post Copy-paste compromises appeared first on Infosec Resources.
Introduction to Lockphish Phishing attacks are a common tactic for gaining initial access to a system. If an attacker can convince their target to hand over their login credentials or install and execute malware on their machine, this provides an attacker with a foothold that can be used to expand their access and achieve their [β¦]
The post Lockphish phishing attack: Capturing Android PINs & iPhone passcodes over https appeared first on Infosec Resources.