Tag: security
How Did Russian Hackers Phish America’s Power Grid?
The kill chain, the phishing attack and the broken trust graph The Wall Street Journal published an explosive story about how state-sponsored Russian hackers used a variety of techniques and a spider web of compromised accounts …
Who’s Really Behind the World’s Most Popular Free VPNs?
After big names like Whatsapp, Snapchat, and Facebook, VPNs are the most searched-for applications in the world. “VPN” is the second-highest non-branded search term behind “games”, and free apps completely dominate the search results. The …
Data Breaches: The Complete WIRED Guide
Another week, another massive new corporate security breach that exposes your personal data. Names, email addresses, passwords, Social Security numbers, dates of birth, credit card numbers, banking data, passport numbers, phone numbers, home addresses, driver’s …
Cracking linux full disc encryption, luks with hashcat.
Luks (linux unified key system), and dm-crypt are the standard that linux, and many others use for doing whole disk encryption. When implemented correctly, it can be nearly impossible to brute force. However when using …
What is 2-Factor Authentication and Why You Should Care
In the digital world that we live in, our virtual identity has become as important as the real one. We are becoming more and more aware of our virtual presence, social activity and how we …
54% of Cryptocurrency Exchanges Have Security Holes
Exchange security report by ICORating.com Over the years, digital thieves have stolen millions of dollars’ worth of cryptocurrency from various exchanges. The crypto market attracts a huge number of investors and everyone hopes to get …
Magecart 2.0: Architecture of a What-If
This case study was developed by Jscrambler’s Research team. During the past few weeks, we’ve been seeing an alarming number of attacks targeting several eCommerce and ticketing companies, stealing their clients’ credit card data. Behind these …
Redirecting all variants of your domain to https Version
Assuming that I have a domain example.com I would like to redirect all the variations of this domain to the https version. There can be six variationsexample.com, www.example.com, http://example.com, http://www.example.com, https://example.com, https://www.example.com. I want to …
Are Dating Apps Killing Romance?
Swipe, swipe, swipe, swipe… This sums up dating apps today. Endless swiping leading to a few matches, then less matches you decide to have a meaningful conversation with and eventually one or two people you …
How My Email Account Got Hacked and the Steps I Took After Finding Out
How I found out how my email account got hacked and what steps I took to prevent future breaches of privacy. My email account got hacked recently ?. I’ll explained what happened, how it happened, and …
Malware Analysis using Osquery | Part 2
In the first part of this series, we saw how you can use Osquery to analyze and extract valuable information about malware’s behavior. In that post, we followed the activity of the known Emotet loader, …
InfoSec Career Paths vs Programming Skills — The Basics
Image from https://www.2-sec.com/2017/08/day-life-2-sec-penetration-tester/ I’ve recently was asked for a numerous time?—?“Is being a great developer vital when choosing information security as a professional career?”, so I decided to write a more in-depth answer to the …
Entering God Mode — The Kernel Space Mirroring Attack
How Alibaba are researching using the hardware features of ARM MMU to enable God Mode in Android 8 terminals Wang Yong, a.k.a. Thomas King, is a researcher from Alibaba Security’s Pandora Lab. The lab focuses …
Universal Logon Framework: Another Blockchain Technology Disruption
The world as we see it today has no doubts become digitized. Nearly almost all transactions are carried out online. From booking an airplane ticket, international money transfers to ordering for foods and even booking …
What goes into protecting your credit card information on the web?
* This post was originally posted on November 28, 2014, and has been updated for accuracy. Purchases happen with the click of a button, a swipe of a finger, or simply, no human interaction at all. Whether it’s our monthly subscription to Netflix, the plane tickets that just went on flash sale, or the book that we purchased with Prime shipping, our request for immediacy and automation has placed our credit card information all over …
3 Ways to Prevent Email Abuse
* This post was originally posted on July 12, 2016, and has been updated for accuracy. Over 100 billion emails get sent per day. Everything from out-of-office alerts to billing summaries gets transferred across the web, from server to server. While we expect the things we send and deliver to remain secure, we know it isn’t always the case. There are various ways mail servers can be compromised, however, there are also …