InfoSec Institute Resources

Syndikovat obsah
IT Security Training & Resources by Infosec
Aktualizace: 56 min 33 sek zpět

What does dark web monitoring really do?

14 Listopad, 2019 - 15:03

Introduction The dark web has earned a reputation as the internet’s shadowy underbelly. Hidden from search engines and only reachable with an encrypted web browser, it’s become a haven for cybercriminals and illicit activity.  What makes the dark web so appealing to fraudsters is the total anonymity it affords them. By masking IP addresses, cybercriminals […]

The post What does dark web monitoring really do? appeared first on Infosec Resources.

What does dark web monitoring really do? was first posted on November 14, 2019 at 8:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Be aware of these 20 new phishing techniques

14 Listopad, 2019 - 15:01

Most of us have received a malicious email at some point in time, but phishing is no longer restricted to only a few platforms. The evolution of technology has given cybercriminals the opportunity to expand their criminal array and orchestrate more sophisticated attacks through various channels. Here are 20 new phishing techniques to be aware […]

The post Be aware of these 20 new phishing techniques appeared first on Infosec Resources.

Be aware of these 20 new phishing techniques was first posted on November 14, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

10 factors for implementing successful and effective security awareness training

14 Listopad, 2019 - 15:00

“… And that is why for the next five to six hours we will be providing a comprehensive plan of how to show that you are at risk for phishing. If you’ll all turn to page eight hundred and twenty-four of your guidebooks, we will begin silent reading …”  Sound familiar? Employee engagement is an […]

The post 10 factors for implementing successful and effective security awareness training appeared first on Infosec Resources.

10 factors for implementing successful and effective security awareness training was first posted on November 14, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

The ROI of Security Awareness Training

14 Listopad, 2019 - 09:00

Security awareness programs help organizations achieve the ultimate goal of fewer security incidents, but how do the benefits compare to the costs and time requirements? A new study by Osterman Research uses data from 230 organizations to answer this question and quantify the ROI of security awareness training for both large and small organizations. This […]

The post The ROI of Security Awareness Training appeared first on Infosec Resources.

The ROI of Security Awareness Training was first posted on November 14, 2019 at 2:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cybersecurity is everyone’s responsibility, and the C-suite needs to understand that

13 Listopad, 2019 - 15:03

Introduction The idea that cybersecurity should exclusively be the domain of a single department is highly outdated. We live in an era of hyperconnectivity, where anyone can access sensitive information from anywhere. The protection of corporate systems and data cannot be a one-team (or, as is the case in some organizations, one-person) responsibility. While your […]

The post Cybersecurity is everyone’s responsibility, and the C-suite needs to understand that appeared first on Infosec Resources.

Cybersecurity is everyone’s responsibility, and the C-suite needs to understand that was first posted on November 13, 2019 at 8:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

CASP+: overview of domains [2019 update]

13 Listopad, 2019 - 15:02

Introduction Whether you are an IT security professional or a security analyst who wants to advance their career in cybersecurity, the CompTIA Advanced Security Practitioner (CASP+) certification provides a way to work in one of the fastest-growing fields in the U.S. The master-level CASP+ sets the benchmark for what a cybersecurity analyst needs to know […]

The post CASP+: overview of domains [2019 update] appeared first on Infosec Resources.

CASP+: overview of domains [2019 update] was first posted on November 13, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network Traffic Analysis for IR: Address Resolution Protocol (ARP) with Wireshark

13 Listopad, 2019 - 15:01

Introduction to the Address Resolution Protocol  The Address Resolution Protocol (ARP) was first defined in RFC 826. As the name suggests, it is designed to resolve IP addresses into a form usable by other systems within a subnet. Network addressing works at a couple of different layers of the OSI model. At Layer 2, computers […]

The post Network Traffic Analysis for IR: Address Resolution Protocol (ARP) with Wireshark appeared first on Infosec Resources.

Network Traffic Analysis for IR: Address Resolution Protocol (ARP) with Wireshark was first posted on November 13, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Phishing in academic environments

12 Listopad, 2019 - 15:02

Introduction Higher education is a popular target for phishing scams. However, the industry’s vulnerability is often overlooked by both cybersecurity specialists and university administrators alike. And the threat is serious: The education sector ranked #3 for the highest number of data breaches, according to the Symantec Internet Security Threat Report for 2015 Higher education data […]

The post Phishing in academic environments appeared first on Infosec Resources.

Phishing in academic environments was first posted on November 12, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK: Replication through removable media

12 Listopad, 2019 - 15:01

Introduction The progression of information security has been heavily focused on the internet as the primary source of threats. What may be overlooked is the specter that was around during the early days of computing that has always been and remains with us — the threat posed by removable media. While information security measures and […]

The post MITRE ATT&CK: Replication through removable media appeared first on Infosec Resources.

MITRE ATT&CK: Replication through removable media was first posted on November 12, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network traffic analysis for IR: Alternatives to Wireshark

12 Listopad, 2019 - 15:00

Introduction It is almost impossible to leave a conversation with a cybersecurity professional, take an introductory networking class, or break into ethical hacking without hearing about Wireshark. Wireshark is arguably the most popular tool and likely the gold standard when it comes to network protocol capture and analysis.  From the moment the software runs, Wireshark […]

The post Network traffic analysis for IR: Alternatives to Wireshark appeared first on Infosec Resources.

Network traffic analysis for IR: Alternatives to Wireshark was first posted on November 12, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

How to prepare for a ransomware attack

11 Listopad, 2019 - 19:39

The threat of ransomware Ransomware has become a common and well-known threat to organizations. Its success is largely based on the fact that it is a simple yet effective way for an attacker to make money from a target organization. By denying people access to their (valuable) data, an attacker can demand an average of […]

The post How to prepare for a ransomware attack appeared first on Infosec Resources.

How to prepare for a ransomware attack was first posted on November 11, 2019 at 12:39 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK: Command-line interface

11 Listopad, 2019 - 18:29

Introduction Try to remember the first time you sat at a PC. What was one of the seemingly high-level features about it that impressed you? Chances are that one of these features was the command-line interface. With a simple click, you could glimpse a vestige of DOS where a GUI is nonexistent and sophisticated functions […]

The post MITRE ATT&CK: Command-line interface appeared first on Infosec Resources.

MITRE ATT&CK: Command-line interface was first posted on November 11, 2019 at 11:29 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network traffic analysis for IR: Statistical analysis

11 Listopad, 2019 - 18:08

Introduction to statistical analysis Statistical analysis is one of the three main categories of analysis that can be performed on network traffic data. It provides a much more detailed analysis than simple connection analysis and takes a different approach to identifying potential indicators of compromise than event-based analysis. Statistical analysis is typically geared toward performing […]

The post Network traffic analysis for IR: Statistical analysis appeared first on Infosec Resources.

Network traffic analysis for IR: Statistical analysis was first posted on November 11, 2019 at 11:08 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Hyperspecialization in cybersecurity | Cyber Work Podcast

11 Listopad, 2019 - 09:00

John Wheeler, Vice President of Security at Topcoder, and Cyber Work host Chris Sienko discuss hyperspecialization in cybersecurity and coding. – View the transcript, additional episodes and promotional offers: https://www.infosecinstitute.com/podcast – Join us in the fight against cybercrime: https://www.infosecinstitute.com About the Cyber Work Podcast Knowledge is your best defense against cybercrime. Each week on Cyber Work, host […]

The post Hyperspecialization in cybersecurity | Cyber Work Podcast appeared first on Infosec Resources.

Hyperspecialization in cybersecurity | Cyber Work Podcast was first posted on November 11, 2019 at 2:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network traffic analysis for incident response (IR): What incident responders should know about networking

7 Listopad, 2019 - 15:03

Introduction In this article, we’ll discuss the various things that incident responders must know about the operation of a network and how this can help improve how their security teams respond to incidents. We’ll look at common attacks that organization networks suffer today and how they can be mitigated against. We’ll also discuss some network […]

The post Network traffic analysis for incident response (IR): What incident responders should know about networking appeared first on Infosec Resources.

Network traffic analysis for incident response (IR): What incident responders should know about networking was first posted on November 7, 2019 at 8:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network traffic analysis for IR: Event-based analysis

7 Listopad, 2019 - 15:02

Introduction to event-based analysis Event-based analysis, as its name suggests, focuses on analysis of specific events that occur on the monitored network. This is accomplished by defining the event of interest, like malware detected within a phishing email, in such a way that a “hit” can be easily differentiated from a false positive. If an […]

The post Network traffic analysis for IR: Event-based analysis appeared first on Infosec Resources.

Network traffic analysis for IR: Event-based analysis was first posted on November 7, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK: Network sniffing

7 Listopad, 2019 - 15:00

Introduction Network sniffing may conjure images of a network-based bloodhound to some, but in the world of information security, it means the ability to capture or monitor information sent over a network. Attackers and malicious hackers use network sniffing to help them in the discovery phase of an attack. This method is listed in MITRE’s […]

The post MITRE ATT&CK: Network sniffing appeared first on Infosec Resources.

MITRE ATT&CK: Network sniffing was first posted on November 7, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network traffic analysis for IR: Connection analysis

6 Listopad, 2019 - 15:02

Introduction to connection analysis Connection analysis is the highest-level type of network analysis that is used in incident response. Rather than developing and scanning with signatures of particular attack types or performing statistical analysis to identify anomalies in a network’s overall traffic profile, connection analysis monitors the connections made by a particular machine. Each computer […]

The post Network traffic analysis for IR: Connection analysis appeared first on Infosec Resources.

Network traffic analysis for IR: Connection analysis was first posted on November 6, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Malware spotlight: What are backdoors?

6 Listopad, 2019 - 15:01

Introduction Imagine staring down an impregnable fortress or network and determining that there is no conceivable way in without obvious detection. You would probably trade half of the tools in your proverbial toolkit to have a sort of back door into this fortress. Attackers understand this and have developed a specialty type of Trojan for […]

The post Malware spotlight: What are backdoors? appeared first on Infosec Resources.

Malware spotlight: What are backdoors? was first posted on November 6, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK: Input capture

6 Listopad, 2019 - 15:00

Introduction Since the early days of computing, input has been the most basic form of interface with a system. Until attackers find a way to intercept brain communications, input will remain the holy grail of information sources to harvest. Attackers have a way to access this rich source of sensitive information — the input capture […]

The post MITRE ATT&CK: Input capture appeared first on Infosec Resources.

MITRE ATT&CK: Input capture was first posted on November 6, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security