HackDig : Dig high-quality web security articles for hacker

A run-time approach for penetration testing of iOS apps Part-I

Hello everybody, this article will cover dynamic run-time penetration testing of iOS applications using the objection framework. Objection is a run-time mobile exploration toolkit, powered by Frida. Objection uses Frida to inject objects into the application run-time in order to execute certain tasks in a security context. Objection framework let
Publish At:2019-10-07 07:25 | Read:421 | Comments:0 | Tags:News infosec ios applications iospentesting Mobile Applicati

A run-time approach for pen-testing iOS applications Part-II (Objection in Action)

Objection in Action: Once all things go right, we can inject Frida scripts into our target application. Open the target application and enter the following command in PowerShell: objection -g YOUR-APPLICATION-NAME explore You will now have access to application’s file over device’s shell Test Cases: > Application exploration: 1. To brows
Publish At:2019-10-07 07:25 | Read:347 | Comments:0 | Tags:News infosec ios ios applications iospentesting Mobile Appli

A week in security (September 9 – 15)

Last week on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets. Other cybersecurity news The Cobalt Dickens group has returned
Publish At:2019-09-20 11:20 | Read:628 | Comments:0 | Tags:A week in security a week in security infosec malware Mobile

Our Bring Your Own Malware Challenge is Back!

We are hosting the Bring Your Own Malware Challenge at a series of upcoming events. Bring it to InfoSec in London, Gartner Security Summit in Maryland and of course, Black Hat in July. The rules are simple, you have to plan ahead, but we have a cash prize. That’s right. We’ll be hosting our BYOM aka Bring Your Own Malware Challenge once again, and it will
Publish At:2017-05-25 01:00 | Read:4220 | Comments:0 | Tags:Company News Threats challenge endpoint infosec Isolation Ma

Cybersecurity Virtualization Expert Ian Pratt Explains WannaCry Exploit (Video)

Ian Pratt, co-founder of Bromium and a virtualization expert was interviewed by Sky News. The video clip below shows how the malware arrived and how it deployed. This is the first of what will be many likely exploits in the months to come. WannaCry is likely the first of many global cybersecurity events that will put our collective economies at risk. From
Publish At:2017-05-15 01:25 | Read:3564 | Comments:0 | Tags:Breaking News cybersecurity ian pratt infosec interview micr

Justifying the Value of Conference Attendance to Your Boss

Over the weekend, I became immersed in a discussion on Twitter centered around getting more people involved in InfoSec conferences. Here’s the original post by @hacks4pancakes: Lesley’s initial point led to many great responses relating to the value of attending conferences and the process of communicating that value to the powers that be within your organiza
Publish At:2017-03-15 23:30 | Read:3736 | Comments:0 | Tags:Off Topic Conference Infosec networking

A C(I)SO View on RSA 2017: “China Is Hiring in the US”

Two weeks ago, while visiting the yearly security gathering at the RSA conference in San Francisco’s Moscone center complex (and adjacent hotels – it’s growing like mad), I was walking across the North and South Expo halls to check out some vendors (Several I had appointments with, some by curiosity, and a few that were really new kids on the block.) selling
Publish At:2017-02-28 04:55 | Read:3653 | Comments:0 | Tags:Events Featured Articles CISO Infosec RSA security

Make it public or private…how secure is your profile online?

Part 1 Did you ever ask yourself if you care what personal information you give out online or in exchange for a “free” service? Do you really want to mix your colleagues with friends or family on social media? Do you really want to leak some information about your life and interests to strangers? (Yes, strangers because you don’t know your online audience
Publish At:2017-02-20 23:05 | Read:3563 | Comments:0 | Tags:InfoSec

Busy Weekend

News coverage can often be like waiting for a bus. You can go a long time when nothing really happens and then suddenly lots of them arrive together. This weekend was one of those occasions when BH Consulting was in various media outlets. Firstly, my latest article for HelpNet Security Magazine was published. The article focuses on the skills shortage that w
Publish At:2017-02-14 01:05 | Read:3786 | Comments:0 | Tags:InfoSec

It Could Happen to Anyone – A CEO Fraud Primer

There has been a lot of media coverage lately over various organisations falling victim to CEO fraud. Basically a scam whereby criminals using email fool a target within an organisation into redirecting funds into bank accounts under their control. We have worked with some companies who have fallen victim to this and we also wrote about the rise in this type
Publish At:2017-02-10 04:40 | Read:3647 | Comments:0 | Tags:InfoSec

Contract Risk Analyst Role Available

Due to our continued expansion and growth, BH Consulting have been engaged by a blue-chip client to recruit a Risk Assessment Analyst. The Risk Assessment Analyst is a strategically important role within this client's organisation with responsibility for executing the risk management methodology in line with the NIST Security Framework, ISO27001 and PCI Stand
Publish At:2017-02-07 03:00 | Read:2974 | Comments:0 | Tags:InfoSec

Does DoD-Level Security Work in the Real World?

I began my career in Information Security working for the Department of Defense, first for a Naval research facility, then Naval Intelligence, and finally with the National Security Agency. Information security for my first assignment meant locking your classified materials in a safe when you left the office at night and making sure the office door was locke
Publish At:2017-02-02 01:45 | Read:4025 | Comments:0 | Tags:Featured Articles IT Security and Data Protection DoD Infose

Setting up DMARC to Defeat Email Abuse

The CERT EU (the Computer Emergency Response Team for the EU institutions, agencies and bodies) released a very informative paper on how to configure DMARC (Domain-based Message Authentication, Reporting & Conformance) to reduce the level of email abuse. Properly implemented, DMARC can reduce the amount of spoofed emails which according to the whitepap
Publish At:2017-01-14 07:55 | Read:2529 | Comments:0 | Tags:InfoSec

5 Tips to Get an “A” on Research Papers & Advance Your Infosec Career

John Callahan’s October article “4 Reasons to Get Your Masters in Cyber Security” made me think about how to help students and cyber professionals strengthen a critical soft skill: written communication. Research synthesis and analysis papers are common in academic environments. These critical thinking assignments require students to conduct research on speci
Publish At:2017-01-12 08:25 | Read:3393 | Comments:0 | Tags:Off Topic academic browser communication Infosec Patching se

Divining Infosec: Security Experts’ Predictions for 2017

We saw a lot happen in information security over the course of 2016. Some of these events, like the distributed denial-of-service (DDoS) attacks that struck Dyn and Russia’s hacking of the DNC, made the public care about digital security as never before. Those incidents changed the national discourse on information security. As such, they shifted the s
Publish At:2017-01-04 08:51 | Read:4307 | Comments:0 | Tags:Featured Articles DDoS Infosec IoT risk security
