HackDig : Dig high-quality web security articles for hackers

What Does Data Privacy Mean to Consumers and Corporations?

January 28 is Data Privacy Day (DPD)! I know, you’re so excited that you’ve got a party planned to get your executives, Marketing and Sales personnel to spend all day reviewing and revising your Privacy Policy (especially now that Privacy Shield is invalid).The general focus of DPD is to inform consumers about the need to maintain the privacy of
Publish At:2021-01-27 00:20 | Read:113 | Comments:0 | Tags:IT Security and Data Protection

Ghidra 101: Decoding Stack Strings

In this blog series, I will be putting the spotlight on some useful Ghidra features you might have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively.In thi
Publish At:2021-01-27 00:20 | Read:45 | Comments:0 | Tags:Cyber Security IT Security and Data Protection compilers Ghi

Google Chrome wants to fix your unsafe passwords

Most security breaches are the result of one thing: sloppy password practices. Too many people make the mistake of choosing weak passwords, or reusing passwords that they have used elsewhere on the internet – making life too easy for malicious hackers trying to gain unauthorised access.So I was pleased to see Google announce that over the coming weeks
Publish At:2021-01-21 09:00 | Read:109 | Comments:0 | Tags:Cyber Security IT Security and Data Protection Google Google

Data Classification Is Data Storage

‘Business’ is a verb that practically means the movement of data. If you aren’t sharing data – keeping the books, sharing ideas and stats about sales, getting the correct information regarding the customer or data to the customer – then you aren’t doing much business. But organizations need to protect their data along the way.Infosec has so many ways of prot
Publish At:2021-01-20 00:38 | Read:168 | Comments:0 | Tags:IT Security and Data Protection data classification data pro

8 Cloud Security Best Practice Fundamentals for Microsoft Azure

In a previous blog, I discussed securing AWS management configurations by combating six common threats with a focus on using both the Center for Internet Security (CIS) Amazon Web Services Foundations benchmark policy along with general security best practices.Now I’d like to do the same thing for Microsoft Azure. I had the privilege of being involved in the
Publish At:2021-01-13 08:44 | Read:194 | Comments:0 | Tags:Cloud Featured Articles IT Security and Data Protection AWS

More Lessons Learned About Trying Harder and Passing the Offensive Security Certified Professional Exam (OSCP)

On February 11, 2020, Offensive Security introduced a major overhaul and update to their already fantastic course: Penetration Testing with Kali Linux. Those changes included updates to their lab environment.The study materials were substantially updated, with additional material including entire new sections on Bash Scripting, Active Directory Attacks, and
Publish At:2021-01-13 00:56 | Read:181 | Comments:0 | Tags:IT Security and Data Protection OSCP training security

Ghidra 101: Slice Highlighting

In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively.In this post,
Publish At:2021-01-07 00:38 | Read:184 | Comments:0 | Tags:Cyber Security IT Security and Data Protection Ghidra slice

Fighting Cybercrime: We Are Stronger Together than We Are Individually

As a cybersecurity professional, how numb have you become to vendors who try to scare you with frightening statistics in an effort to sell you a new product? It is understandable that a vendor has to present as much information in a limited amount of attention-grabbing time, so their doomsday technique makes some sense. Perhaps the vendors’ approac
Publish At:2021-01-05 01:50 | Read:177 | Comments:0 | Tags:IT Security and Data Protection cyberattack cybercrime cyber

A Review of Ransomware in 2020

As if dealing with COVID-19 were not enough, 2020 turned out to be a banner year for another troublesome strain of virus— ransomware. Malicious actors grew more sophisticated, daring and brutal. They also hit a number of high-profile targets.For those of you who didn’t keep up with all of the developments in the ransomware space, we’ve broken down some of th
Publish At:2020-12-29 06:02 | Read:206 | Comments:0 | Tags:IT Security and Data Protection Cyberattacks cybercrime malw

Don’t Let Your Stored Procedures Lack Integrity

Unfamiliar territoryAs a security analyst, engineer, or CISO, there are so many aspects of the field that require immediate attention that one cannot possibly know everything.  Some of the common areas of security knowledge include topics such as where to place a firewall, configuration and patch management, physical and logical security, and legal and
Publish At:2020-12-28 06:38 | Read:268 | Comments:0 | Tags:IT Security and Data Protection database Integrity SQL

Privacy in 2020 and What to Expect for the Year Ahead

2020 was dominated by news of the pandemic and anchored by reality that we all found ourselves in – entire families logging in remotely, trying to keep school and work feeling “normal.” While we tested the limits of what a home office could sustain, the privacy and security of a fully remote world was put front and center. In this piece, we take a look
Publish At:2020-12-28 06:38 | Read:390 | Comments:0 | Tags:IT Security and Data Protection data privacy data protection

Continue Clean-up of Compromised SolarWinds Software

Last week, the United States Cybersecurity & Infrastructure Security Agency (CISA) advised on initial steps to take in response to the SolarWinds software that was compromised by advanced persistent threat actors. While federal agencies were under a deadline to complete certain actions, this issue will require continued clean-up and longer-term efforts t
Publish At:2020-12-21 14:44 | Read:197 | Comments:0 | Tags:Featured Articles IT Security and Data Protection configurat

Could Universities’ Use of Surveillance Software Be Putting Students at Risk?

Life for university students has changed massively during the coronavirus pandemic, as it has for all of us. While some in-person lectures and seminars are still taking place, there has been a big shift to remote learning. This has, perhaps understandably, led to concerns about how well students are engaging with this way of studying.Many universities have s
Publish At:2020-12-18 00:56 | Read:280 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data priva

Survey: 78% of Retailers Took Additional Security Precautions Ahead of the 2020 Holidays

Coronavirus 2019 (COVID-19) stopped many things in 2020. While in-store holiday shopping may be greatly reduced for some, there’s still a lot of shopping happening online. Near the end of November 2020, Statista revealed that holiday retail sales were expected to grow approximately 3.6% over the previous year. And Adobe Analytics reported that online sales w
Publish At:2020-12-15 06:38 | Read:304 | Comments:0 | Tags:IT Security and Data Protection Holiday online shopping reta

PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers

Digital attackers launched a new ransomware campaign dubbed “PLEASE_READ_ME” in an effort to target MySQL servers.Guardicore first spotted the attack back in January 2020. After that, it witnessed a total of 92 attacks emanate from 11 IP addresses, with most based in Ireland and the United Kingdom at the time of analysis.The security firm found t
Publish At:2020-12-14 11:08 | Read:193 | Comments:0 | Tags:IT Security and Data Protection Latest Security News MySQL P

Tools

Tag Cloud