InfoSec Institute Resources

Syndikovat obsah
IT Security Training & Resources by InfoSec Institute
Aktualizace: 20 min 10 sek zpět

Top 5 Strategies to Avoid Getting Hacked Online

5 hodin 1 min zpět

While we are becoming increasingly more reliant on technology and storing our information online, this trend increases the quantity and desire of hackers to try and acquire your sensitive information such as passwords and files. Your computer getting infected with a malicious virus can give the hacker the ability to access your computer and can […]

The post Top 5 Strategies to Avoid Getting Hacked Online appeared first on InfoSec Resources.

Kategorie: Hacking & Security

PHP Lab: Analyze the code and spot the vulnerability

16 Srpen, 2017 - 14:00

Introduction and background: A penetration test has been conducted on the following URL, and a SQL Injection vulnerability was identified. http://192.168.56.101/webapps/sqli/sqli.php The developers were notified about the vulnerability, and they were asked to fix the vulnerability. After fixing the vulnerability, the new code has been promoted to the following URL. http://192.168.56.101/webapps/sqli/sqliv2.php Analyze the fixed code […]

The post PHP Lab: Analyze the code and spot the vulnerability appeared first on InfoSec Resources.

Kategorie: Hacking & Security

HBO Hacked, Game of Thrones script leaked on the Internet

15 Srpen, 2017 - 19:34

Early August, hackers announced to have breached the systems of the television network HBO that is owned by the giant Time Warner. Crooks claimed to have stolen 1.5 terabytes of data from HBO, including information on the current season of Game of Thrones and a script that is reportedly for the upcoming fourth episode of Game of Thrones Season 7. […]

The post HBO Hacked, Game of Thrones script leaked on the Internet appeared first on InfoSec Resources.

Kategorie: Hacking & Security

PHP Lab: PHP Double Submit Problem.

14 Srpen, 2017 - 14:00

Introduction and background If a user refreshes a page after submitting a form, he may accidentally post the content again resulting in duplicate submission, thus causing undesired results. This is known as double submit problem. In this lab, we will programmatically understand why this problem occurs and how to fix this. Lets begin The application […]

The post PHP Lab: PHP Double Submit Problem. appeared first on InfoSec Resources.

Kategorie: Hacking & Security

PHP Lab: File Upload Vulnerabilities:

11 Srpen, 2017 - 14:00

Many websites require file upload functionality for their users. Social networking websites, such as Facebook and Twitter allow their users to upload profile pictures. Job portals allow their users to upload their resumes. File upload functionality is crucial for many web applications. At the same time, it is a big risk to the application as […]

The post PHP Lab: File Upload Vulnerabilities: appeared first on InfoSec Resources.

Kategorie: Hacking & Security

How Security Awareness Training Can Save You From the Horror of Malware

10 Srpen, 2017 - 23:47

Introduction The first impression of cybersecurity usually refers to the technical aspect. Computer science jargon ranging from software development, network configuration, database management and hardware manufacturing are not easy to be comprehended by average computer users. These fields require specialist knowledge as well as significant theoretical and practical training. Certainly, security issues take place in […]

The post How Security Awareness Training Can Save You From the Horror of Malware appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Identity Comes of Age

10 Srpen, 2017 - 00:17

I remember going to the Internet Identity Workshop at the Computer History Museum back in 2009. It was an “unconference,” which meant that anyone could present as long as you got your idea up on the board quickly. I presented on the topic of “Information Cards.” Information Cards were an identity framework brought to fruition […]

The post Identity Comes of Age appeared first on InfoSec Resources.

Kategorie: Hacking & Security

SecurityIQ Product Update: August 2017

9 Srpen, 2017 - 20:39

This week’s SecurityIQ feature release includes several exciting new capabilities for improved functionality. Updates include data-housing capabilities for European clients, improved reporting tools and simplified language preference management. Read on for complete release details. Download the complete SecurityIQ features overview. Increased Learner-Privacy Controls to Further Comply with EU-US Privacy Shield European SecurityIQ clients now have […]

The post SecurityIQ Product Update: August 2017 appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Online Tools and Services for Wannabe Criminals: A Dangerous Trend

9 Srpen, 2017 - 14:00

Hackshit PhaaS platform Today it is quite easy to conduct any kind of attack without specific knowledge, for example, phishing campaigns using tools like Hackshit. The Hackshit crimeware-as-a-service was discovered by the experts from Netskope Threat Research Labs in July; It is a Phishing-as-a-Service (PhaaS) platform that offers low cost, “automated solution for the beginner scammers.” The […]

The post Online Tools and Services for Wannabe Criminals: A Dangerous Trend appeared first on InfoSec Resources.

Kategorie: Hacking & Security

PHP Lab: File Inclusion attacks

9 Srpen, 2017 - 14:00

Introduction File inclusion is one of the popular yet old vulnerabilities that are often seen in websites. PHP websites that make use of include() function in an insecure way become vulnerable to file inclusion attacks. Before going ahead with file inclusion vulnerabilities, let us understand, what include() function does. A developer can include the content […]

The post PHP Lab: File Inclusion attacks appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Privacy in the Era of IoT

9 Srpen, 2017 - 00:08

Once upon a time, computer privacy was something along the lines of making sure no one was peeking over your shoulder while you wrote a letter on your desktop. Then things changed. Something called the Internet appeared. In terms of privacy, the Internet was a little like opening the stable door and letting the horse […]

The post Privacy in the Era of IoT appeared first on InfoSec Resources.

Kategorie: Hacking & Security

The Importance of C-Level Security Awareness Training

8 Srpen, 2017 - 23:54

As a CEO, it’s important for you to understand a harsh and terrifying reality: Your company is under constant attack from hackers, thieves, and other cybercriminals. They are looking for a way into your network so they can steal information or money, spy on you, and possibly cause havoc up and down the line. And […]

The post The Importance of C-Level Security Awareness Training appeared first on InfoSec Resources.

Kategorie: Hacking & Security

WannaCry, The Aftermath: How WannaCry Could Have Been WannaSmile

7 Srpen, 2017 - 15:28

I have been working in the field of cyber security and related areas for over 20 years. In that time there have been many cyber incidents. Those that instantly spring to mind include the ‘I Love You’ virus, the OpenSSL security vulnerability ‘HeartBleed’, and the viral worm ‘Nimbda’. All of them are consumer level awareness […]

The post WannaCry, The Aftermath: How WannaCry Could Have Been WannaSmile appeared first on InfoSec Resources.

Kategorie: Hacking & Security

PHP Lab: Exploiting SQL Injection

7 Srpen, 2017 - 14:00

Identifying SQL Injection vulnerabilities The first step in exploiting a SQL injection is to identify the vulnerability. This first section of this lab walks you through the basics of how we can identify SQL Injection vulnerabilities in Web Applications. Open up the following URL in Kali Linux. http://192.168.56.101/webapps/sqli/sqli.php It shows the following web page. Users […]

The post PHP Lab: Exploiting SQL Injection appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Does History Need to Repeat Itself? Lessons Learned From WannaCry

5 Srpen, 2017 - 00:23

Often, at the end of a project, especially a long and complicated one, there will be a ‘lessons learned’ session held. These sessions usually bring together either the internal team or consortia teams, to discuss what went wrong and what went right with the project. The discussions are a way of analyzing events. If done […]

The post Does History Need to Repeat Itself? Lessons Learned From WannaCry appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Three Different Kinds of Online Scams

4 Srpen, 2017 - 18:27

There are countless ways and endless criminals online looking to steal your personal information or gain access to your financial accounts. Being able to identify the most common types of online scams and the tactics used by scammers to gain the information they seek is the first step in defending against it. Refraining from being […]

The post Three Different Kinds of Online Scams appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Election-Hacking: Time for Forensics

4 Srpen, 2017 - 18:00

Is it possible that an electronic vote-count manipulation determined who won the 2016 United States’ elections? Depending on which political side you interview, the answer varies. President Trump said he won the Nov. 8 vote fairly and rebutted any talks of interference. At the same time, Russian officials denied accusations of any meddling in America’s […]

The post Election-Hacking: Time for Forensics appeared first on InfoSec Resources.

Kategorie: Hacking & Security

How Security Awareness Training Can Protect the Military

4 Srpen, 2017 - 01:10

Introduction There stills seems to be no true consensus on the need for or importance of security training in the workplace. There are people on both sides of the argument who are making valid points for their stances. Though the majority of security professionals agree that security education is important, many question whether it is […]

The post How Security Awareness Training Can Protect the Military appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Why Do Educators Need Security Awareness Training?

4 Srpen, 2017 - 00:41

The answer to the article title is really simple: There is no shortage of examples where schools or universities have fallen victims to cyberattacks, such as the recent wave of malicious codes (i.e., ransomware). For instance, the Horry County School District had to pay a $10,000 ransom to decrypt their files, and this has happened […]

The post Why Do Educators Need Security Awareness Training? appeared first on InfoSec Resources.

Kategorie: Hacking & Security

Security Awareness for IT Employees

4 Srpen, 2017 - 00:29

Stating that information security is everyone’s job is not something new; just try asking any person in charge of awareness efforts how many times they have done so. Even if your company has a dedicated security team, it is very important to let every employee know that they have a shared responsibility for the company’s […]

The post Security Awareness for IT Employees appeared first on InfoSec Resources.

Kategorie: Hacking & Security