HackDig : Dig high-quality web security articles for hacker

How to troubleshoot Kubernetes OOM and CPU Throttle

Experience Kubernetes OOM kills can be very frustrating. Why is my application struggling if I have plenty of CPU in the node? Managing Kubernetes pod resources can be a challenge. Many issues can arise, possibly due to an incorrect configuration of Kubernetes limits and requests. In this article, we will try to help you detect the most common i
Publish At:2020-01-30 11:50 | Read:302 | Comments:0 | Tags:Kubernetes OpenShift Prometheus Sysdig Monitor Uncategorized

Targeted Active Directory Host Enumeration

Current Problem When working in an unknown network, some of the most important pieces of information to have are appraisals of current assets and information contained on them. This is important for any security professional, from tester to defender. Given the prevalence of Active Directory (AD) in most Windows environments, gaining a clear inventory of t
Publish At:2020-01-23 14:50 | Read:287 | Comments:0 | Tags:Uncategorized

From the Desk of the CEO: Securing the Future – Junior and Internship Programs

When TrustedSec first started, the vision was to build a team of amazing individuals that were passionate, dedicated, and focused on helping organizations fix the issues they face in cybersecurity. While we may have accomplished this, there’s always more to do. At TrustedSec, our mission to contribute to the industry and community has always remained strong.
Publish At:2020-01-16 19:50 | Read:326 | Comments:0 | Tags:Uncategorized

Hunting for beacons

Author: Ruud van Luijk Attacks need to have a form of communication with their victim machines, also known as Command and Control (C2) [1]. This can be in the form of a continuous connection or connect the victim machine directly. However, it’s convenient to have the victim machine connect to you. In other words: It has to communicate back. This blog describ
Publish At:2020-01-15 09:55 | Read:210 | Comments:0 | Tags:Uncategorized

Alarming Number of UC Browser Users Vulnerable to MiTM Attacks

A staggering number of UC Browsers and mini Android apps of the same name may have been vulnerable to Man-in-the-middle or MiTM attacks. This happened when they downloaded an APK, Android Package Kit from an unauthorized or third-party server over insecure channels. Hackers can use MiTM to spy on the devices and change or intercept any communications. This
Publish At:2020-01-12 17:05 | Read:564 | Comments:0 | Tags:Uncategorized

5 Major Cybersecurity Trends for 2020

5 Major Cybersecurity Trends for 2020 January 8th, 2020 No Comments anti-phishing, Mobile Security, Online Safety, PC security, Ransomware, Uncategorized 2019 is gone and a new decade is in sight. 2020 is said to be a year that will bring on many ch
Publish At:2020-01-08 10:05 | Read:551 | Comments:0 | Tags:anti-phishing Mobile Security Online Safety PC security Rans

How to Protect Yourself (& your family) against Identity Theft During the Holidays

How to Protect Yourself (& your family) against Identity Theft During the Holidays December 24th, 2019 No Comments Holidays, identity theft, Mobile Security, Online Privacy, Online Safety, PC security, Uncategorized The holidays are a great tim
Publish At:2019-12-24 05:05 | Read:746 | Comments:0 | Tags:Holidays identity theft Mobile Security Online Privacy Onlin

What’s new in Kubernetes 1.17?

Kubernetes 1.17 is about to be released! This short-cycle release is focused on small improvements and house cleaning. There are implementation optimizations all over the place, new features like the promising topology aware routing, and improvements to the dual-stack support. Here is the list of what’s new in Kubernetes 1.17. This is what’s new in #
Publish At:2019-12-06 23:50 | Read:642 | Comments:0 | Tags:Uncategorized Kubernetes Release Notes

A Team of Hackers Created an Advanced Scheme Using SMS’s to Attack Smartphones by Phishing

Every new user with a smashing new device will surely get a SIM card to get it working correctly as soon as possible. Depending on the SIM card being used, the new carrier would be handing over all his data automatically after configuration. And all it takes is a simple SMS that will plant malicious malware on your device without you noticing. The scheme is
Publish At:2019-11-26 22:05 | Read:715 | Comments:0 | Tags:Uncategorized

Naked Security needs an intern! Here’s how to apply

byCharlotte WilliamsWe are looking for a student to join our team for a 12-month internship at our Abingdon, UK, headquarters.If you’re currently studying marketing, business or another relevant field, and have strong written, project management and organisational skills, we want you!As part of the Content Marketing internship, you’ll work on the Naked Secur
Publish At:2019-11-26 12:35 | Read:416 | Comments:0 | Tags:Uncategorized Content Marketing Internship

Inline Image Scanning for AWS CodePipeline and AWS CodeBuild

In this blog post you’ll learn how to set up image vulnerability scanning for AWS CodePipeline and AWS CodeBuild using Sysdig Secure DevOps Platform. AWS provides several tools for DevOps teams: CodeCommit for version control, CodeBuild for building and testing code, and CodeDeploy for automatic code deployment. The block on top of all these tools is
Publish At:2019-11-26 11:50 | Read:432 | Comments:0 | Tags:Uncategorized AWS Kubernetes Sysdig Secure

Creating Honey Credentials with LSA Secrets

As an attacker, I frequently leverage LSASecrets to escalate privileges within the context of an ongoing compromise. Generally, the attack path is something like this: Gain Initial Foothold > Escalate to Limited User > Dump LSASecrets on Systems Where Credentials are Administrator A pretty slick way to identify targets to dump LSASecrets on is to
Publish At:2019-11-21 15:40 | Read:425 | Comments:0 | Tags:Uncategorized

Securing Google Cloud Run serverless workloads

Google Cloud Run is a serverless compute platform that automatically scales your stateless containers. In this post we are going to showcase how to secure the entire lifecycle of your Cloud Run services. Sysdig provides a secure DevOps workflow for Cloud Run Platforms that embeds security, maximizes availability and validates compliance across the ser
Publish At:2019-11-14 23:50 | Read:347 | Comments:0 | Tags:Uncategorized Google Cloud Sysdig Secure Cloud

How to Hack an Instagram Account – Newbie Friendly Tutorial (2019 Methods)

Instagram is without doubts a leading social network of nowadays. Millions of people from all over the world are browsing trough its news feed daily, posting moments from their life, following other users, celebrities and stuff what interest them. With a huge rise of Instagram’s popularity, with hundreds of thousands daily active users, it’s a common thing t
Publish At:2019-11-14 15:50 | Read:795 | Comments:0 | Tags:Uncategorized

How to Hack a Twitter Account – Working Methods of 2019

Many Twitter users across the world got themselves in situation of losing their account password at least once in their lifetime. This problem may occur due to many reasons. One can simply forget or save their password somewhere safe, and after some time you can’t remember it. Some Twitter accounts are also getting hacked and lost forever. In most situation
Publish At:2019-11-11 22:05 | Read:379 | Comments:0 | Tags:Uncategorized

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud