Login
IntroductionΒ Iβve been writing cybersecurity articles for many years, and in that time, I have only seen increasingly complex security threats. Cybercriminals take their craft seriously. They treat cybercrime as a business, looking for ways to maximize profit while seeking innovative methods to circumvent our efforts to protect our businesses. The figures speak for themselves. [β¦]
The post Reactive vs. proactive security: Three benefits of a proactive cybersecurity strategy appeared first on Infosec Resources.
Introduction Building and maintaining a brand is an important part of a successful business. Having a recognized brand confers recognition, and if done well, provides a way of developing trust between customers and company. Brand trust and loyalty go hand-in-hand. Research has shown that 80% of US customers look at the trustworthiness of a brand [β¦]
The post Brand impersonation attacks targeting SMB organizations appeared first on Infosec Resources.
Introduction The Verizon Data Breach Investigations Report, or the Verizon Data Breach Report, is an annual report intended for information security professionals. It summarizes 3,950 confirmed data breaches and is a collection of work from 81 contributors spanning 81 countries and has grown more than a little bit since last yearβs twelfth edition.Β Navigating this [β¦]
The post 2020 Verizon Data Breach Investigations Report: Summary and key findings for security professionals appeared first on Infosec Resources.
Introduction Different regulations and laws will slap organizations with fines and penalties for data breaches. This is because the organization did not take the privacy of their data seriously. However, the authorities take this responsibility very seriously and will not hesitate to punish with fines and penalties that are sometimes in the hundreds of millions [β¦]
The post Cost of non-compliance: 8 largest data breach fines and penalties appeared first on Infosec Resources.
Introduction Organizations are increasingly integrating microservices into their software development processes. As noted by DZone, microservices break down software into multiple component services, thereby enabling organizations to deploy parts of an application without compromising the integrity of the entire program.Β This property also allows developers to address a microservice that starts acting up. The other [β¦]
The post Implementing a zero-trust model: The key to securing microservices appeared first on Infosec Resources.
Introduction Open-source software helped to revolutionize the way that applications are built by professionals and enthusiasts alike. Being able to borrow a non-proprietary library to quickly prototype and build an application not only accelerates progress in projects, but also makes things easier to work with. Open-source libraries when creating applications is not the only positive [β¦]
The post Open-source application security flaws: What you should know and how to spot them appeared first on Infosec Resources.
Multi-factor authentication (MFA) is one of the most popular authentication security solutions available to organizations today. It really comes as no surprise, as the multi-factor authentication benefits of enhanced security go beyond the basic password security measures by forcing the user to authenticate with another method that (presumably) only the legitimate user has access to.Β [β¦]
The post How to avoid getting locked out of your own account with multi-factor authentication appeared first on Infosec Resources.
The growing world of IoT β and security concerns The Internet of Things (IoT) is still a baby compared to other computing technologies, but the market has already exploded and continues to expand at a healthy pace. Telecommunications giant Ericsson estimates the number of IoT connections to grow from 10.8 billion in 2019 to 24.9 [β¦]
The post Japanβs IoT scanning project looks for vulnerable IoT devices appeared first on Infosec Resources.
Introduction A domain name is an important part of the reconnaissance process during a security assessment or even for many bug bounty challenges. In this article, weβll look at how a domain can be classified. Within this context, two scenarios of how to take advantage of domain misconfigurations will be analyzed. Finally, weβll discuss building [β¦]
The post How to create a subdomain enumeration toolkit appeared first on Infosec Resources.
Introduction Confidentiality is a fundamental information security principle. According to ISO 27001, it is defined as ensuring that information is not made available or disclosed to unauthorized individuals, entities or processes. There are several security controls designed specifically to enforce confidentiality requirements, but one of the oldest and best known is the use of passwords. [β¦]
The post How to find weak passwords in your organizationβs Active Directory appeared first on Infosec Resources.
Introduction CAPTCHA seems to be everywhere we look. These sloppy characters are on blogs, ticket websites, shopping portals β you name it. Those cars you need to spot in a block of images before you can access a website? Thatβs CAPTCHA too. CAPTCHA was invented to help sites distinguish human users from bots and automated [β¦]
The post How hackers use CAPTCHA to evade automated detection appeared first on Infosec Resources.
Introduction In modern networks, security is not an afterthought. You need to know how to build secure networks from the outset. Security has to be woven into the very fabric of the network.Β The 200-301 CCNA exam covers security fundamentals among a broad range of networking topics. This article describes what you need to know [β¦]
The post CCNA certification prep: Security fundamentals appeared first on Infosec Resources.
Introduction To understand Network Security, itβs imperative that we understand networking fundamentals and networking basics. In this post, we will be learning about networking basics and fundamentals to get started with Network Security.Β We cannot cover whole networking in a single post so we will be focusing only on core networking concepts needed for network [β¦]
The post Networking fundamentals (for Network security professionals) appeared first on Infosec Resources.
Introduction Wireless networks have become an inherent part of our life and we all use wireless networks in some form in our day to day life. Of all the utilities provided by wireless networks, we use wireless networks widely for connecting to the internet. We connect to the internet wirelessly either by router or using [β¦]
The post Wireless Networks and Security appeared first on Infosec Resources.
Introduction: Knowing the Notions Β Industrial Internet of Things (IIoT) incorporates technologies such as machine learning, machine-to-machine (M2M) communication, sensor data, Big Data, etc. This article will focus predominantly on the consumer Internet of Things (IoT) and how it relates to Operational Technology (OT). Operational Technology (OT) is a term that defines a specific category of [β¦]
The post IoT Security Fundamentals: IoT vs OT (Operational Technology) appeared first on Infosec Resources.
FreshRSS 