TECHNICAL DNS over HTTPS (+ModSecurity WAF) One of the problems with DNS is that a query is sent over an unencrypted connection, anyone listening to the packets knows the websites you visit.
INFOSEC Long Live Non-Profit's The infosec community faces a unique challenge in persuading young talent not to do anything dumb or illegal and helping them positively harness their skills.
CYBERSEC NiceHash Miner Software Vulnerability There is a vulnerability in the NiceHash crypto miner software which can leak miners personal information to observers.
INFOSEC From Idea to Cyber Law Security researcher Roy Shomake takes a closer look into how cyber laws begin and the process by which they become law.
INFOSEC A Guide To Protecting Your Digital Self Learn how to protect your digital self online with tips from cybersecurity chief Francesco Cipollone.
TECHNICAL How To Deploy AdBlocker for Enterprise Learn how to deploy ad-blocking software to your computers in order to protect your users from malvertising.
CYBERSEC Thunderson's Journey To The OSCP Learn about security researcher ThunderSon's journey to the OSCP and get some free bonus learning resource links!
CYBERSEC Researcher Assaulted By A Vendor After Disclosing A Vulnerability Following a serious vulnerability disclosure affecting casinos globally, an executive at Atrient has allegedly assaulted the researcher who first disclosed the vulnerability.
CYBERSEC The 'Cyber Defense For SMBs' Program The Cyber Defense For SMB's program is an initiative from the Florida Center For Cybersecurity to help small businesses improve their cybersecurity posture.
INFOSEC An OWASP AppSec California Conference Review (2019) A review of the the OWASP AppSec California 2019 conference with notes from infosec writer Miguel Calles.
TECHNICAL Uncover Infected Website Visitors Using Content Security Policies Security researcher Andrea Menin discovered that thousands of his website visitors were infected by using a content security policy.
CYBERSEC TryHackMe - A New Platform For Teaching And Learning Cybersecurity TryHackMe is a new platform for learning about and teaching cybersecurity, covering everything from the deeply technical to social engineering.
INFOSEC Covert Comms: GDB Satellite Pager Looking for the ultimate in covert communication devices? Look no further, this satellite pager has you covered if you can afford it.
TECHNICAL Insecure Direct Object Reference (IDOR) A short guide to Insecure Direct Object Reference (IDOR), how to defend against it and how to exploit it, from security researcher Abartan Dhakal.
CTF The Matrix Write Up I had a great time with this box and it is with great pleasure I present my definitive Matrix write up covering one of my favorite Vulnhub boxes.
TECHNICAL Building A Red Team WiFi Attack Car Why drive a normal car when you can drive a red team WiFi attack car? Join security researcher Sebastian Bicchi to build the ultimate wardriving vehicle.
CYBERSEC The Future Of Artificial Intelligence Based Cyber Training There are exciting times ahead for AI fans in the cybersecurity industry and the brightest use case by far is the fusion of artificial intelligence and cyber training.
CTF The Zico 2 Write Up Another excellent write up from security researcher Thunder Son who covers Vulnhub's Zico 2 machine and jumps right into a technical deep dive.
CYBERSEC Defending Against SQL Injection Attacks In this article cybersecurity student Ozan Agdepe gives us some pro tips for defending against SQL injection.
CYBERSEC The 2018 SANS Holiday Hack Challenge A wonderfully comprehensive write up of the SANS 2018 Holiday Hack Challenge from security researcher Roy Shoemake.
TECHNICAL Penetration Testing Scanning 101.3 In part three of his series on penetration testing security researcher Hozaifa Owaisi covers port scanning and the tools used to get the job done.
CTF Vulnhub: Raven 2 Write Up In his latest write up security researcher Thunder Son covers Vulnhub's Raven 2 and deep dives into the challenge.
CYBERSEC How To Deal With A Hacker Finding Holes In Your Security Has a security researcher contacted you to tell you about a security vulnerability? Don't panic! Follow this common sense guide to dealing with hackers who find holes in your security.
TECHNICAL The LazySysAdmin Write-Up LazySysAdmin truly lives up to its name. This machine was configured by a lazy system administrator and thus, one clear thing to be looking for is a misconfigured system.
TECHNICAL Feed Your SIEM With Free Threat Intelligence Feeds Draw down free threat intelligence data to feed your security information and event management (SIEM) platform with these handy Powershell scripts.
