TECHNICAL Featured How To Exploit PHP Remotely To Bypass Filters & WAF Rules Learn about the possibilities that PHP gives us to exploit and execute code remotely in order to bypass filters, input sanitization, and WAF rules.
CYBERSEC FedBounty - A Federally Sponsored National Bug Bounty Program A federally sponsored, national bug bounty program covering every business in the US and nurturing a new generation of security researchers.
CYBERSEC The Road To Reverse Engineering Malware Security researcher Pablo Ramos has prepared a structured guide to malware reverse engineering resources for those interested in getting started.
INFOSEC Implications Of Iran’s Cyber Capabilities In this article security analyst Christopher Olsen takes a closer look at the implications of Iran's burgeoning cyber capabilities for the US & her allies.
INFOSEC Defining a Security Strategy - WHY The first step to defining a security strategy is starting with WHY. In this article Francesco Cipollone explains how you start with WHY.
CYBERSEC Weaponizing CoAP For DDoS Attacks In his latest article Security Researcher Francesco Cipollone covers a little history of DoS and DDoS attacks and explains how the IoT CoAP protocol can be weaponized for DDoS attacks.
CYBERSEC Featured JetBlue Vulnerability - How Not To CISO In this article security researchers Dylan English and Benjamin Scotsman reveal a vulnerability at a major US airline and castigate the airline's CISO.
INFOSEC How To Access and/or Memorialize Online Accounts When Someone Dies What you need to know about online account access for someone who has died.
TECHNICAL How To Upload Any File To Amazon's Free Unlimited Photo Storage Space Have you ever wondered how to use Amazon Photos unlimited space for your own personal files? Wonder no longer, Alessandro Innocenzi has it all figured out and Amazon says it's fine.
TECHNICAL Metasploit Community CTF 2018 "Remembering Aaron Swartz" came second at this year's Metasploit CTF. Most of us played for the first time and it was a unique experience.
TECHNICAL Access Control - Cloud vs Traditional (Part 2) The second in a series of articles from Security Chief Francesco Cipollone of NSC42 that deep dives into the subject of access control, authentication and compliance.
INFOSEC A Short History Of Internet Access & Internet Service Providers (ISP's) Many of us remember the days before the internet, even if it now seems like a distant and forgotten dream. Learn about the history of the internet and the ISP market in this short history.
CYBERSEC Black Hat 2018: USA Report An overview of the world's leading Las Vegas information security event in its 21st year, given by Francesco Cipollone with his personal impressions and thoughts.
INFOSEC Make Hacking Great Again Stop gatekeeping, start helping each other for good! Charles Shirer with an important piece on the current state of the hacking community and how we can improve it.
CYBERSEC Artificial Intelligence & OSINT : Part 1 In this article from Nidal Morrison we take a closer look at how AI can be leveraged in OSINT as a way of reducing workflows and speeding up detections in investigations.
INFOSEC Hack-The-Box Starter Pack Have you been marveling at those hacky hack people chiseling away at HTB challenges and wondered if you can hack the box too? Step right up!
CYBERSEC Dumping On Dummies Join security researcher Keiose in her exploration into the notion that there is insufficient testing in kinetic-based weapons systems across the US military.
TECHNICAL Access Control : Cloud vs Tradition A closer look at access control systems and the difference between cloud-based access controls and the more traditional on-prem versions.
CYBERSEC Predicting 2018's Bah Humbug Christmas infosec predictions, the hopelessly generic forecasts, the bland Christmas-themed attacks and outdated predictions recycled from three Christmases ago.
TECHNICAL My Journey To The Google Hall Of Fame This is the story of how Abartan Dhakal managed to get into the Google Hall of Fame, along a path strewn with failure and invalid vulnerabilities.
CYBERSEC Social Engineering 0x01 ~ An Introduction to Hacking People The most vulnerable thing about your workplace is the people in it. We, as humans, do not have things like security hot-fixes or patches, yet we have some of the biggest flaws ever seen.
INFOSEC How Not to CISO - Tools Before Capabilities Tools are stepping stones in maturity and capability within an organization. In this article we take a look at how not to approach investing in infosec tools.
CYBERSEC How To Handle A Data Breach Crisis ‘Crisis’ is not a word that sensible people like and is best avoided altogether. Let's imagine that a cybersecurity crisis ambushes you when you least expect it.
CYBERSEC Secure Password Handling in Depth Infosec never gets bored of talking about passwords. In this article we deep dive into the consensus around web application password handling.
TECHNICAL Using Serverless Frameworks - Part 1 Serverless has become a movement in application development because it allows developers to focus on code and leave infrastructure to the providers.