Category: Security

Keeping safe

Cracking linux full disc encryption, luks with hashcat.

Luks (linux unified key system), and dm-crypt are the standard that linux, and many others use for doing whole disk encryption. When implemented correctly, it can be nearly impossible to brute force. However when using

5 of the Best VPN Services for WordPress Users (Or Anyone Else, Too!)

In this post, we compare the 5 best VPN services for WordPress users (or really anyone else). That is, while we’ll focus on how VPNs can help WordPress users, most of the things that make

What is 2-Factor Authentication and Why You Should Care

In the digital world that we live in, our virtual identity has become as important as the real one. We are becoming more and more aware of our virtual presence, social activity and how we

WordPress Activity Log – 7 Things You Should Be Tracking

When your WordPress website is small, it’s easy to keep tabs on everything that happens within it. However, as it grows in size and complexity it can become a lot harder to keep up. This

54% of Cryptocurrency Exchanges Have Security Holes

Exchange security report by ICORating.com Over the years, digital thieves have stolen millions of dollars’ worth of cryptocurrency from various exchanges. The crypto market attracts a huge number of investors and everyone hopes to get

How to Use Fail2ban to Secure Your Linux Server

Improving your server security should be one of your top priorities, when it comes to managing a linux server. By reviewing your server logs, you may often find different attempts for brute force login, web

Tomb – A File Encryption and Personal Backup Tool for Linux

Tomb is a free open source, small, powerful and simple tool for encrypting files on GNU/Linux. At the time of this writing, it comprises of a shell script (zsh) using generic filesystem GNU tools and

Magecart 2.0: Architecture of a What-If

This case study was developed by Jscrambler’s Research team. During the past few weeks, we’ve been seeing an alarming number of attacks targeting several eCommerce and ticketing companies, stealing their clients’ credit card data. Behind these

Redirecting all variants of your domain to https Version

Assuming that I have a domain example.com I would like to redirect all the variations of this domain to the https version. There can be six variationsexample.com, www.example.com, http://example.com, http://www.example.com, https://example.com, https://www.example.com. I want to

Are Dating Apps Killing Romance?

Swipe, swipe, swipe, swipe… This sums up dating apps today. Endless swiping leading to a few matches, then less matches you decide to have a meaningful conversation with and eventually one or two people you

Managing Multi-User Access In Your Hosting Account

If you operate a business or manage large projects you know how important a multi-user environment can be. In this post I’d like to give some tips and tricks on how you can operate a

WPScan – A Black Box WordPress Vulnerability Scanner

WordPress is all over the web; it’s the most popular and most used content management system (CMS) out there. Is your website or blog is powered by WordPress? Did you know that malicious hackers are

Install and Configure ConfigServer Security & Firewall (CSF) in Linux

If you look at IT-related job postings anywhere, you will notice a steady demand for security pros. This does not only mean that cybersecurity is an interesting field of study, but also a very lucrative

Malware Analysis using Osquery | Part 2

In the first part of this series, we saw how you can use Osquery to analyze and extract valuable information about malware’s behavior. In that post, we followed the activity of the known Emotet loader,

Is WordPress Secure? Here’s What the Data Says

WordPress is, by far, the most popular way to build a website. That popularity has the unfortunate side effect of also making WordPress sites a juicy target for malicious actors all across the world. And

InfoSec Career Paths vs Programming Skills — The Basics

Image from https://www.2-sec.com/2017/08/day-life-2-sec-penetration-tester/ I’ve recently was asked for a numerous time?—?“Is being a great developer vital when choosing information security as a professional career?”, so I decided to write a more in-depth answer to the

How to Fix Your Connection is Not Private Error in Chrome (16 Tips)

Kinsta works with thousands of different WordPress sites on a daily basis, so when it comes to different types of errors, we’ve pretty much seen it all. From database connection errors to the white screen

Entering God Mode — The Kernel Space Mirroring Attack

How Alibaba are researching using the hardware features of ARM MMU to enable God Mode in Android 8 terminals Wang Yong, a.k.a. Thomas King, is a researcher from Alibaba Security’s Pandora Lab. The lab focuses

Universal Logon Framework: Another Blockchain Technology Disruption

The world as we see it today has no doubts become digitized. Nearly almost all transactions are carried out online. From booking an airplane ticket, international money transfers to ordering for foods and even booking