InfoSec Institute Resources

Syndikovat obsah
IT Security Training & Resources by Infosec
Aktualizace: 24 min 57 sek zpět

Network traffic analysis for IR: Data collection and monitoring

3 Prosinec, 2019 - 18:49

Introduction Data collection and analysis for use by network engineers, security professionals and incident response has only exploded over the years with the growth of cloud-based services, mobile devices and tablets, remote workforces, interconnected applications and global enterprises. In fact, research has found that 41 percent of organizations claim that they were collecting significantly more […]

The post Network traffic analysis for IR: Data collection and monitoring appeared first on Infosec Resources.

Network traffic analysis for IR: Data collection and monitoring was first posted on December 3, 2019 at 11:49 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Network traffic analysis for Incident Response (IR): TLS decryption

3 Prosinec, 2019 - 15:02

Introduction to TLS When the internet was being created, security wasn’t much of an issue. The internet (and the Arpanet before it) was primarily being used by trusted parties and hacking wasn’t really a thing yet. As a result, many of the protocols used today weren’t developed for security. Potentially sensitive data was sent in […]

The post Network traffic analysis for Incident Response (IR): TLS decryption appeared first on Infosec Resources.

Network traffic analysis for Incident Response (IR): TLS decryption was first posted on December 3, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Malware spotlight: What is a Remote Access Trojan (RAT)?

3 Prosinec, 2019 - 15:00

Introduction A Remote Access Trojan (RAT) is a type of malware that allows covert surveillance, a backdoor for administrative control and unfettered and unauthorized remote access to a victim’s machine. The RAT is very dangerous because it enables intruders to get remote control of the compromised computer. Attackers can use the exploited machines to perform […]

The post Malware spotlight: What is a Remote Access Trojan (RAT)? appeared first on Infosec Resources.

Malware spotlight: What is a Remote Access Trojan (RAT)? was first posted on December 3, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cybersecurity needs in megacorporations | Cyber Work Podcast

2 Prosinec, 2019 - 22:00

Gene Yoo, CEO of Resecurity, and Cyber Work podcast host Chris Sienko, discuss the specific needs for megacorporations, how to recover from cyber attacks, career strategies, and gender parity in cybersecurity. – View the transcript, additional episodes and promotional offers: https://www.infosecinstitute.com/podcast – Join us in the fight against cybercrime: https://www.infosecinstitute.com About the Cyber Work Podcast Knowledge is […]

The post Cybersecurity needs in megacorporations | Cyber Work Podcast appeared first on Infosec Resources.

Cybersecurity needs in megacorporations | Cyber Work Podcast was first posted on December 2, 2019 at 3:00 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Hack the Box (HTB) machines walkthrough series — Celestial

2 Prosinec, 2019 - 19:45

Today, we will be continuing with our exploration of Hack the Box (HTB) machines as seen in previous articles. This walkthrough is of an HTB machine named Celestial. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle (simple […]

The post Hack the Box (HTB) machines walkthrough series — Celestial appeared first on Infosec Resources.

Hack the Box (HTB) machines walkthrough series — Celestial was first posted on December 2, 2019 at 12:45 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Knowledge and Skills Related to Applied Cryptography and Cryptanalysis

2 Prosinec, 2019 - 17:16

Introduction to applied cryptography Cryptography is widely used in modern technology, particularly in software. The primary purpose of cryptography is to provide confidentiality of data, but it is also used for authentication, and to verify data integrity. However, cryptography is fragile, and a single error in design or implementation can render it completely useless. Cryptography […]

The post Knowledge and Skills Related to Applied Cryptography and Cryptanalysis appeared first on Infosec Resources.

Knowledge and Skills Related to Applied Cryptography and Cryptanalysis was first posted on December 2, 2019 at 10:16 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cybercrime investigator salary

2 Prosinec, 2019 - 16:01

Introduction Cybercrime investigators play an exciting and valuable role in solving crimes perpetrated online. If it involves fraud, identity theft, money laundering or cyber-harassment, there’s a team of cybercrime investigators working behind the scenes to recover evidence and bring it to court. These versatile individuals have a highly technical skill set in digital forensics in […]

The post Cybercrime investigator salary appeared first on Infosec Resources.

Cybercrime investigator salary was first posted on December 2, 2019 at 9:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cybercrime certifications

2 Prosinec, 2019 - 15:50

Introduction Cybercrime is the fastest-growing type of crime in the U.S. That means the days of detectives in deerstalker caps are gone, and in their place are tech-savvy cybercrime experts. Cybercrime investigation is a fascinating field because it straddles the line between cybersecurity and law enforcement. Succeeding in this unique field means having a versatile […]

The post Cybercrime certifications appeared first on Infosec Resources.

Cybercrime certifications was first posted on December 2, 2019 at 8:50 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cybersecurity needs in megacorporations | Cyber Work Podcast

2 Prosinec, 2019 - 09:00

Gene Yoo, CEO of Resecurity, and Cyber Work podcast host Chris Sienko, discuss the specific needs for megacorporations, how to recover from cyber attacks, career strategies, and gender parity in cybersecurity. – View the transcript, additional episodes and promotional offers: https://www.infosecinstitute.com/podcast – Join us in the fight against cybercrime: https://www.infosecinstitute.com About the Cyber Work Podcast Knowledge is […]

The post Cybersecurity needs in megacorporations | Cyber Work Podcast appeared first on Infosec Resources.

Cybersecurity needs in megacorporations | Cyber Work Podcast was first posted on December 2, 2019 at 2:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK vulnerability spotlight: Credentials in registry

27 Listopad, 2019 - 15:03

Introduction MITRE is a U.S. government federally-funded research and development center (FFRDC). Its purpose is to act as a trusted third-party for the U.S. government, perform research and development, and provide unbiased audits of commercial tools, processes and more for the government. As part of MITRE’s research and development efforts, they have developed the MITRE […]

The post MITRE ATT&CK vulnerability spotlight: Credentials in registry appeared first on Infosec Resources.

MITRE ATT&CK vulnerability spotlight: Credentials in registry was first posted on November 27, 2019 at 8:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cyber Work podcast: The current state of AI in cybersecurity

27 Listopad, 2019 - 15:01

Introduction Eric Stevens, vice president of engineering and principal architect at ProtectWise, gave the Cyber Work with Infosec podcast an insider view of the use of artificial intelligence (AI) in cybersecurity. Eric talked us through his own experience in AI, as well as some of the findings of ProtectWise’s latest report about AI in cybersecurity, […]

The post Cyber Work podcast: The current state of AI in cybersecurity appeared first on Infosec Resources.

Cyber Work podcast: The current state of AI in cybersecurity was first posted on November 27, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Penetration testing certifications

27 Listopad, 2019 - 15:00

Introduction In our digital world, cybersecurity is of the utmost importance. Most businesses are connected through fragile networks. Compromising them via cyberattacks may jeopardize internet banking, e-commerce and sensitive data transmission.  Penetration testing is a method used by penetration testers to evaluate the security of information systems by simulating the attack from a malicious source. […]

The post Penetration testing certifications appeared first on Infosec Resources.

Penetration testing certifications was first posted on November 27, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Election security: Cybersecurity concerns for future elections

26 Listopad, 2019 - 15:03

The election security landscape APTs like Cozy Bear have a history of interfering with major elections in the U.S. and other countries. With the 2020 election season rapidly approaching, the possibility of interference by cyberthreat actors is a serious concern. As a democracy, the United States’ electoral process can be influenced in a number of […]

The post Election security: Cybersecurity concerns for future elections appeared first on Infosec Resources.

Election security: Cybersecurity concerns for future elections was first posted on November 26, 2019 at 8:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK vulnerability spotlight: Credentials in files

26 Listopad, 2019 - 15:01

Introduction MITRE is a federally-funded research and development center (FFRDC) for the U.S. government. As part of its duties as an FFRDC, it performs research and development in a variety of different fields, including cybersecurity. One of MITRE’s efforts in the field of cybersecurity is the development and maintenance of the MITRE ATT&CK matrix. This […]

The post MITRE ATT&CK vulnerability spotlight: Credentials in files appeared first on Infosec Resources.

MITRE ATT&CK vulnerability spotlight: Credentials in files was first posted on November 26, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cybersecurity architect certifications

26 Listopad, 2019 - 15:00

Introduction If you are planning to become a cybersecurity architect, certifications are a good way to validate your skills in designing, building, implementing and overseeing cybersecurity architecture. These will be your prime responsibilities.  Every organization today relies heavily on technology, which is why IT is a fundamental part of any strong business strategy. These certifications […]

The post Cybersecurity architect certifications appeared first on Infosec Resources.

Cybersecurity architect certifications was first posted on November 26, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Train or entertain? Do both with this security awareness program plan

25 Listopad, 2019 - 18:20

Security awareness and training is a vital part of any cybersecurity strategy. After all, human error is the root cause of a quarter of all breaches. For years, organizations have opted for mandatory, annual training that covers every cybersecurity topic under the sun, but does little more than check a compliance box, annoy employees and […]

The post Train or entertain? Do both with this security awareness program plan appeared first on Infosec Resources.

Train or entertain? Do both with this security awareness program plan was first posted on November 25, 2019 at 11:20 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

The Need For Secure Coding

25 Listopad, 2019 - 16:23

The software security landscape The quantity of software used every day is continually growing. Consumers and businesses are increasingly vulnerable to cyberattack the more they rely on technology. Most software contains vulnerabilities which leave it open to exploitation.  The average web application contains 33 vulnerabilities, including six high-severity ones. Nearly 22,000 new vulnerabilities were discovered […]

The post The Need For Secure Coding appeared first on Infosec Resources.

The Need For Secure Coding was first posted on November 25, 2019 at 9:23 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Best practices to ensure your organization is focused on the right types of risk

25 Listopad, 2019 - 15:02

Introduction All organizations face some type of risk. Risks are determined by organization type, clients, workers, vendors and logistics, among many other potential factors. Basically, anything that is part of the organization, associated with the organization or contributes to operations represents some level of risk to the organization. In order to properly evaluate potential risk, […]

The post Best practices to ensure your organization is focused on the right types of risk appeared first on Infosec Resources.

Best practices to ensure your organization is focused on the right types of risk was first posted on November 25, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Malware spotlight: What is rogue security software?

25 Listopad, 2019 - 15:01

Introduction Remember before you became security-conscious? Or maybe you always have been — either way, you most likely have been faced with this scenario. You sit down at your PC, fire it up and are soon faced with a scary-looking warning seemingly informing you that your computer has been infected with malware or a virus. […]

The post Malware spotlight: What is rogue security software? appeared first on Infosec Resources.

Malware spotlight: What is rogue security software? was first posted on November 25, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

MITRE ATT&CK vulnerability spotlight: Brute force

25 Listopad, 2019 - 15:00

Introduction The MITRE ATT&CK matrix is a tool developed by MITRE, a U.S. government federally-funded research and development center (FFRDC). It is designed to help with formalizing the development of cyber defenses and performing penetration testing by breaking down the attack life cycle into discrete stages and describing the methods by which each stage can […]

The post MITRE ATT&CK vulnerability spotlight: Brute force appeared first on Infosec Resources.

MITRE ATT&CK vulnerability spotlight: Brute force was first posted on November 25, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security