All Articles

Ordered by Date Received : Year: "2021" Month: "06"
Page: << < 193 (of 221) > >>

Total Articles in this collection: 11,093

Navigation Help at the bottom of the page

Article: Asset Management – Back To The Roots - published over 3 years ago.
Content: Asset management is one of the core components of many successful security programs. I am an advisor to Panaseer, a startup in the continuous compliance management space. I recently co-authored a blog post on my favorite security metric that is related to asset management: How many assets are in the environment? A simple number. A number that tells a c...
https://raffy.ch/blog/2021/03/31/asset-management-back-to-the-roots/
Published: 2021 03 31 13:47:25
Received: 2021 06 06 09:04:46
Feed: Security Intelligence and Big Data
Source: Security Intelligence and Big Data
Category: Cyber Security
Topic: Cyber Security

Get your Free Scan and Score Certificate

Article: A Security Product Reference Model - published over 3 years ago.
Content: On a recent consulting engagement with Cynergy Partners, we needed to decipher the security product market to an investment firm that normally doesn’t invest in cyber security. One of the investor’s concerns was that a lot of cyber companies are short-lived businesses due to the threats changing so drastically quick. One day it’s ransomware X, the next day i...
https://raffy.ch/blog/2021/04/16/a-security-product-reference-model/
Published: 2021 04 16 21:30:24
Received: 2021 06 06 09:04:46
Feed: Security Intelligence and Big Data
Source: Security Intelligence and Big Data
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Free Score Certificate

Article: Taking Inventory – Where Do We Stand With AI and ML in Cyber Security? - published over 3 years ago.
Content: Before diving into cyber security and how the industry is using AI at this point, let’s define the term AI first. Artificial Intelligence (AI), as the term is used today, is the overarching concept covering machine learning (supervised, including Deep Learning, and unsupervised), as well as other algorithmic approaches that are more than just simple statisti...
https://raffy.ch/blog/2021/05/19/taking-inventory-where-do-we-stand-with-ai-and-ml-in-cyber-security/
Published: 2021 05 19 22:04:11
Received: 2021 06 06 09:04:46
Feed: Security Intelligence and Big Data
Source: Security Intelligence and Big Data
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Summary

Get your Free Scan and Score Certificate

Cyber Tzar Free Score Certificate

Article: How To Drive Value with Security Data - published over 3 years ago.
Content: We have been collecting data to drive security insights for over two decades. We call these tools log management solutions, SIMs (security information management), and XDRs (extended detection and response) platforms. Some companies have also built their own solutions on top of big data technologies. It’s been quite the journey. At the upcoming ThinkIn co...
https://raffy.ch/blog/2021/06/03/how-to-drive-value-with-security-data/
Published: 2021 06 03 16:55:18
Received: 2021 06 06 09:04:46
Feed: Security Intelligence and Big Data
Source: Security Intelligence and Big Data
Category: Cyber Security
Topic: Cyber Security

Get your repeat Free Scan and Score Certificate

Article: Shell Shock Rapid 7 Threatsweeper - published about 10 years ago.
Content: By now, you may have heard about CVE-2014-6271, also known as the “bash bug“, or even “Shell Shock”, that may affect your organisation. It’s rated the maximum CVSS score of 10 for impact and ease of exploitability. The affected software, Bash (the Bourne Again SHell), is present on most Linux, BSD, and Unix-like systems, including Mac OS X. New packages were...
https://penturalabs.wordpress.com/2014/09/26/shell-shock-rapid-7-threatsweeper/
Published: 2014 09 26 09:27:31
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: New security flaw uncovered in WordPress - published about 10 years ago.
Content: Researchers have revealed a potentially serious flaw in WordPress software, that allows hackers to search for abandoned or inactive WordPress sites before mounting phishing attacks aimed at enticing users to install infected updates. Hackers can then quickly hijack the website and direct visitors to deliver malicious content. WordPress is by far the most po...
https://penturalabs.wordpress.com/2014/10/03/new-security-flaw-uncovered-in-wordpress/
Published: 2014 10 03 14:19:49
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Gold Score Certificate

Get your repeat Free Scan and Score Certificate

Cyber Tzar Score Summary

Article: AT&T suffers insider data breach - published about 10 years ago.
Content: AT&T has become the latest multinational company to suffer a data breach after one of its own employees gained access to customer data. The US mobile telecoms giant has started informing around 1,600 customers in Vermont that their personal data was breached in August. In a letter posted on the Vermont government’s website, AT&T confirmed that a form...
https://penturalabs.wordpress.com/2014/10/09/att-suffers-insider-data-breach/
Published: 2014 10 09 14:32:02
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Security Made Simple

Article: Kmart hit by card hack attack - published about 10 years ago.
Content: It’s been revealed that a data breach at US retail chain Kmart that compromised card details lasted over a month. The discount department store said that the malware was discovered last week but had been operating since early September. Based on its investigation so far, the company said that it believes credit and debit cards were exposed but that no person...
https://penturalabs.wordpress.com/2014/10/22/kmart-hit-by-card-hack-attack/
Published: 2014 10 22 15:20:17
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Analysis

Article: Research Reveals Cost of Online Fraud to UK - published about 10 years ago.
Content: This week has been Get Safe Online Week and to coincide with the event, the National Fraud Intelligence Bureau researched cyber-crime in the UK. The research found that over the last year, the ten biggest online scams cost victims over £670m – although the actual figure is thought to be significantly higher than that due to unreported crimes. A separate poll...
https://penturalabs.wordpress.com/2014/10/30/research-reveals-cost-of-online-fraud-to-uk/
Published: 2014 10 30 10:21:43
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Impact Distribution

Cyber Security Made Simple

Cyber Tzar Your Score Explained

Article: Most businesses do not understand data breach risks - published about 10 years ago.
Content: Research by HP has uncovered a lack of understanding among businesses of the risks associated with data breaches. More than 70% of US and UK executives surveyed by the Ponemon Institute said that their organisation does not understand fully the dangers of breaches, while less than half of top executives and board members are kept informed about the response ...
https://penturalabs.wordpress.com/2014/11/07/most-businesses-do-not-understand-data-breach-risks/
Published: 2014 11 07 16:19:54
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Platform Highlights

Article: [IRCCloud] Inadequate input validation on API endpoint leading to self denial of service and increased system load - published about 9 years ago.
Content: So as you do, I was just looking around, manually fuzzing some Web Sockets requests, seeing if I could get any sort of XSS, Remote IRC Command Injection or SQLi mainly – ended up that I didn’t find much there that worse worth noting. So I started seeing if their logic was all alright, so one of their requests looked similar to: {“_reqid”:1234, “cid”:5678, “t...
https://penturalabs.wordpress.com/2015/10/13/fuzzing-for-fun-and-profit/
Published: 2015 10 13 12:04:47
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Impact Assesment

Article: [IRCCloud] History and Another XSS Bug Bounty - published about 9 years ago.
Content: Personally, I have been a user of IRC since 2004 on some private networks and some other well-known ones such as Freenode. However, it was always inconvenient to have to set up an IRC Bouncer, so when IRCCloud came around, I was excited to try it and see if it provided me with a method of staying connected to all the required networks without having to downl...
https://penturalabs.wordpress.com/2015/10/14/irccloud-history-and-another-xss-bug-bounty/
Published: 2015 10 14 10:50:15
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Cyber Tzar Platform Highlights

Cyber Tzar Gold Score Certificate

Article: Finding and Exploiting Same Origin Method Execution vulnerabilities - published almost 9 years ago.
Content: Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to v...
https://penturalabs.wordpress.com/2015/12/30/finding-and-exploiting-same-origin-method-execution-vulnerabilities/
Published: 2015 12 30 23:37:46
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Sites

Article: SNMPPLUX - published over 8 years ago.
Content: Pentura continually develop new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providin...
https://penturalabs.wordpress.com/2016/04/01/snmpplux/
Published: 2016 04 01 08:21:28
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Groups Explained

Article: Regulator fines COVID-19 tracker for turning contact data into sales leads - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/19/regulator-fines-covid-19-tracker-for-turning-contact-data-into-sales-leads/
Published: 2021 05 19 18:53:54
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Cyber Tzar Sites

Cyber Tzar Score Analysis

Article: S3 Ep33: Eufy camera leak, Afterburner crisis, and AirTags (again) [Podcast] - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/20/s3-ep33-eufy-camera-leak-afterburner-crisis-and-airtags-again-podcast/
Published: 2021 05 20 18:59:14
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Developer? Secuity Assesor? Risk Manager? Actary? We can help, whatever you need

Article: Naked Security Live – Jacked and hacked: how safe are tracking tags? - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/24/naked-security-live-jacked-and-hacked-how-safe-are-tracking-tags/
Published: 2021 05 24 18:48:27
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: Eight suspects busted in raid on “home delivery” scamming operation - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/25/eight-suspects-busted-in-raid-on-home-delivery-scamming-operation/
Published: 2021 05 25 01:15:41
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Developer? Secuity Assesor? Risk Manager? Actary? We can help, whatever you need

Cyber Tzar Risk Impact Distribution

Article: Apple patches dangerous security holes, one in active use – update now! - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/25/apple-patches-dangerous-security-holes-one-in-active-use-update-now/
Published: 2021 05 25 18:30:33
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Learn more about our products

Article: S3 Ep34: Apple bugs, scammers busted, and how crooks bypass 2FA [Podcast] - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/26/s3-ep34-apple-bugs-scammers-busted-and-how-crooks-bypass-2fa-podcast/
Published: 2021 05 26 18:56:50
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: “Unpatchable” vuln in Apple’s new Mac chip – what you need to know - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/05/27/unpatchable-vuln-in-apples-new-mac-chip-what-you-need-to-know/
Published: 2021 05 27 18:59:00
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Learn more about our products

Cyber Tzar Risk Impact Assesment

Article: “Have I Been Pwned” breach site partners with… the FBI! - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/06/02/have-i-been-pwned-breach-site-partners-with-the-fbi/
Published: 2021 06 02 18:55:00
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

View our available products

Article: S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble [Podcast] - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/06/03/s3-ep35-apple-chip-flaw-have-i-been-pwned-and-covid-tracker-trouble-podcast/
Published: 2021 06 03 18:34:23
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: How to hack into 5500 accounts… just using “credential stuffing” - published over 3 years ago.
Content:
https://nakedsecurity.sophos.com/2021/06/04/how-to-hack-into-5500-accounts-just-using-credential-stuffing/
Published: 2021 06 04 18:09:26
Received: 2021 06 06 09:04:45
Feed: Naked Security - Sophos
Source: Naked Security - Sophos
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Re-Score Report

View our available products

Cyber Tzar Your Score Explained

Article: Apple releases iOS 8 with 56 security patches - published about 10 years ago.
Content:
http://www.livehacking.com/2014/09/18/apple-releases-ios-8-with-56-security-patches/
Published: 2014 09 18 07:22:43
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

View our product reports

Article: Shellshock: Code injection vulnerability found in Bash - published about 10 years ago.
Content:
http://www.livehacking.com/2014/09/26/shellshock-code-injection-vulnerability-found-in-bash/
Published: 2014 09 26 06:54:53
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Source code for BadUSB vulnerability posted on GitHub - published about 10 years ago.
Content:
http://www.livehacking.com/2014/10/07/source-code-for-badusb-vulnerability-posted-on-github/
Published: 2014 10 07 11:10:03
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

View our product reports

Cyber Tzar Risk Groups Explained

Article: Alleged Dropbox hack underlines danger of reusing passwords - published about 10 years ago.
Content:
http://www.livehacking.com/2014/10/15/alleged-dropbox-hack-underlines-danger-of-reusing-passwords/
Published: 2014 10 15 08:03:16
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Our principles

Article: Apple release iOS 8.1 and Apple TV 7.0.1 with new security patches - published about 10 years ago.
Content:
http://www.livehacking.com/2014/10/21/apple-release-ios-8-1-and-apple-tv-7-0-1-with-new-security-patches/
Published: 2014 10 21 06:46:28
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Email addresses stolen from CurrentC - published about 10 years ago.
Content:
http://www.livehacking.com/2014/10/31/email-addresses-stolen-from-currentc/
Published: 2014 10 31 10:07:54
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Our principles

Cyber Tzar Change Over Time (Extended)

Article: Apple patches security flaws in iOS 8, OS X 10.10 and Apple TV 7 - published about 10 years ago.
Content:
http://www.livehacking.com/2014/11/18/apple-patches-security-flaws-in-ios-8-os-x-10-10-and-apple-tv-7/
Published: 2014 11 18 07:15:30
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Read our FAQ

Article: Sony hack shows that the company kept passwords stored in a folder called “Password” - published almost 10 years ago.
Content:
http://www.livehacking.com/2014/12/05/sony-hacks-shows-that-the-company-kept-passwords-stored-in-a-folder-called-password/
Published: 2014 12 05 10:48:59
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Microsoft fixes 24 security vulnerabilities in December’s Patch Tuesday - published almost 10 years ago.
Content:
http://www.livehacking.com/2014/12/10/microsoft-fixes-24-security-vulnerabilities-in-decembers-patch-tuesday/
Published: 2014 12 10 07:34:11
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Read our FAQ

Cyber Tzar Change Over Time (Extended)

Article: Apple updates OS X’s NTP server to address recently disclosed NTP vulnerabilities - published almost 10 years ago.
Content:
http://www.livehacking.com/2014/12/23/apple-updates-os-xs-to-address-ntp-vulnerabilities/
Published: 2014 12 23 08:39:04
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

How we calculate your Cyber Risk Score

Article: Microsoft to fix Windows vulnerability that Google publicly disclosed last week - published almost 10 years ago.
Content:
http://www.livehacking.com/2015/01/13/microsoft-to-fix-windows-vulnerability-that-google-publicly-disclosed-last-week/
Published: 2015 01 13 07:43:54
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Google discloses three more zero-day vulnerabilities, this time for OS X - published almost 10 years ago.
Content:
http://www.livehacking.com/2015/01/23/google-discloses-three-more-zero-day-vulnerabilities-this-time-for-os-x/
Published: 2015 01 23 07:45:27
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

How we calculate your Cyber Risk Score

Cyber Tzar Change Over Time (Extended)

Article: Apple updates iOS, OS X and Apple TV in monster patch release - published almost 10 years ago.
Content:
http://www.livehacking.com/2015/01/28/apple-updates-ios-os-x-and-apple-tv/
Published: 2015 01 28 12:56:01
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Understand your Cyber Tzar Risk Groups

Article: Cross Site Scripting vulnerability found in IE 11 - published almost 10 years ago.
Content:
http://www.livehacking.com/2015/02/04/cross-site-scripting-vulnerability-found-in-ie-11/
Published: 2015 02 04 09:46:59
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Google backpedals on its arbitrary vulnerability disclosure policy - published almost 10 years ago.
Content:
http://www.livehacking.com/2015/02/14/google-backpedals-on-its-arbitrary-vulnerability-disclosure-policy/
Published: 2015 02 14 10:58:46
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Understand your Cyber Tzar Risk Groups

Cyber Tzar Change Over Time (Extended)

Article: WP-Slimstat vulnerability exposes WordPress websites to SQL injection attacks - published over 9 years ago.
Content:
http://www.livehacking.com/2015/02/25/wp-slimstat-vulnerability/
Published: 2015 02 25 11:37:19
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Using the Cyber Tzar platform; easy as 1, 2, 3, 4.

Article: FREAK vulnerability weakens secure Web sites - published over 9 years ago.
Content:
http://www.livehacking.com/2015/03/04/freak/
Published: 2015 03 04 09:24:02
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Marketplace Benchmark

Article: The OpenSSL project releases new versions of its software to squash 12 security vulnerabilities - published over 9 years ago.
Content:
http://www.livehacking.com/2015/03/19/new-versions-openssl-to-squash-12-security-vulnerabilities/
Published: 2015 03 19 14:56:46
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Benchmark Summary

Using the Cyber Tzar platform; easy as 1, 2, 3, 4.

Cyber Tzar Change Over Time (Extended)

Article: Apple fixes security vulnerabilities in Safari, OS X, iOS and Apple TV - published over 9 years ago.
Content:
http://www.livehacking.com/2015/04/09/apple-fixes-security-vulnerabilities-in-safari-os-x-ios-and-apple-tv/
Published: 2015 04 09 07:37:20
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Validation is required for our most comprehensive scans

Article: Nmap 7 Released! - published about 9 years ago.
Content:
http://www.livehacking.com/2015/11/23/nmap-7-released/
Published: 2015 11 24 02:40:11
Received: 2021 06 06 09:04:45
Feed: LIVE HACKING
Source: LIVE HACKING
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Basic)

Article: The NCSAM Campaign - published about 4 years ago.
Content: For October’s National Cyber Security Awareness month, I put together a few videos and blogs. In my mind it formed a campaign, but for various reasons, the timings were a bit inconsistent and the different resources ended up on different places. So as a recap – I put everything from this year into this one blog post. Hey just because the month is over doesn...
https://javvadmalik.com/2020/11/19/the-ncsam-campaign/
Published: 2020 11 19 09:29:12
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

Validation is required for our most comprehensive scans

Cyber Tzar Change Over Time (Extended)

Article: Middle Brothers - published about 4 years ago.
Content: When we talk about privacy and surveillance, discussions usually involve talk of Governments keep the population under manners. But unlike the good old days of the eighteenth century, Governments aren’t the only ones with skin in the population monitoring, control, and profiteering business. We now have a whole slew of middle brothers aka big tech wanti...
https://javvadmalik.com/2020/11/25/middle-brothers/
Published: 2020 11 25 18:54:44
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

The Cyber Tzar technology stack

Article: My Top 5 Blogs of the Year - published almost 4 years ago.
Content: I saw Cygenta posted their top 5 blogs of the year on Twitter and thought that it was a wonderful idea to rip off / borrow / be inspired by. So, I proudly present, my top 5 read blogs during the course of 2020. From my blog that is. I’ve written many other articles on other sites this year, and I’m sure some of them have been read more. Anyhow – on t...
https://javvadmalik.com/2020/11/27/my-top-5-blogs-of-the-year/
Published: 2020 11 27 17:16:52
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

Article: My top 5 videos of the year - published almost 4 years ago.
Content: Following on from last weeks post in which I summed up my top 5 blogs of the year, the sequel that one person asked me for was, what were the most watched videos of mine during 2020? Well, wonder no more, as I give you the top 5 in reverse order, cue the Top of the Pops intro! 5: Social Distance Club Nothing to do with security and all to do with...
https://javvadmalik.com/2020/12/04/my-top-5-videos-of-the-year/
Published: 2020 12 04 15:48:41
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

The Cyber Tzar technology stack

Cyber Tzar Re-Score Report

Article: Winding down 2020 - published almost 4 years ago.
Content: From a creative perspective, 2020 hasn’t been a bad year for me. I ended up writing, 80 blog posts (most of which were published elsewhere) created 54 videos, 48 podcasts, and 48 presentations and webinars. I guess lockdown gave me more time to mull on things and be more productive. Despite the fact that I am far more productive than the average per...
https://javvadmalik.com/2020/12/14/winding-down-2020/
Published: 2020 12 14 12:47:56
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Why Cyber Tzar?

Article: I’ve made it! - published almost 4 years ago.
Content: First off, happy new year! (Well if the tax man can start the new year in April, I can start it on Feb 11th!) Secondly, Infosecurity Magazine was ever so kind as to feature an interview with me in the Q1, 2021, Voume 18, Issue 1 edition. (the link should take you to the digital version if you’re so inclined). Of course, I won’t miss any opportuni...
https://javvadmalik.com/2021/02/11/ive-made-it/
Published: 2021 02 11 13:10:22
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

Article: Don’t run that code - published over 3 years ago.
Content: Hear the blog narrated The dangers of downloading untrusted code from the internet is well documented. You never know what is contained within someone else’s code, be it sloppy coding, or malicious intent. If it is a snippet of code that you can easily read, it can be relatively risk free. Because, why put in the effort to reinvent the wheel when the...
https://javvadmalik.com/2021/03/09/dont-run-that-code/
Published: 2021 03 09 10:29:48
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar SSL Certificate Health Check

Why Cyber Tzar?

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Fisherian Runaway - published over 3 years ago.
Content: Today I learn the phrase Fisherian Runaway, which was a term coined by mathematical biologist Ronald Fisher to account for the evolution of exaggerated male ornamentation, e.g. peacocks with their big tails. I wonder if we’ve fallen into the same trap within cyber security – especially when it comes to what gets researched, reported, and presented at ev...
https://javvadmalik.com/2021/03/10/fisherian-runaway/
Published: 2021 03 10 09:16:00
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar: Our Vision

Article: Leaving WhatsApp – Treating the Symptom, Not the Cause - published over 3 years ago.
Content: A few months ago, many people were riled up over the proposed updates to WhatsApp terms and conditions. The popular messaging service which was acquired by Facebook in 2014 for $16bn, was apparently updating its Ts and Cs which users had to either accept or choose to leave. While the whole thing seems to have fizzled out and people have forgotten ev...
https://javvadmalik.com/2021/04/07/leaving-whatsapp-treating-the-symptom-not-the-cause/
Published: 2021 04 07 11:31:38
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar SSL Certificate Health Check

Article: How I pwned an ex-CISO and the Smashing Security Podcast - published over 3 years ago.
Content: Disclaimer, this was a bit of fun with consent. But there are some worthwhile things to bear in mind. If you’re predictable, then criminals can take advantage of that. If someone knows what your pattern is to set passwords e.g. FacebookPassword1, TwitterPassword1, then you can easily guess what your other passwords are. Similarly, if you use the same na...
https://javvadmalik.com/2021/04/09/how-i-pwned-an-ex-ciso-and-the-smashing-security-podcast/
Published: 2021 04 09 15:12:52
Received: 2021 06 06 09:04:45
Feed: J4vv4D
Source: J4vv4D
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar SSL Certificate Health Check

Cyber Tzar: Our Vision

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Elon Musk and Tesla-related BTC giveaway scams are back in season in a fraud combo - published over 3 years ago.
Content: Threat actors are relentless when it comes to recycling old ruses to fool internet users and steal their money. While the ongoing pandemic and vaccination campaigns ushered in a new wave of creative scams, some malicious actors prefer to stick to old-fashioned scams that have proven efficient in the past. Tesla’s CEO, Elon Musk, is a favorite among cyber...
https://hotforsecurity.bitdefender.com/blog/elon-musk-and-tesla-related-btc-giveaway-scams-are-back-in-season-in-a-fraud-combo-25864.html
Published: 2021 05 24 08:00:00
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Goals

Article: FBI Analyst Accused of Stealing and Hoarding Classified Data, Including on Cyber Threats - published over 3 years ago.
Content: A federal grand jury indicted an employee of the FBI’s Kansas City Division for taking classified documents at home, for years on end, related to counterterrorism procedures, counterintelligence and cyber threats. One of the dangers security companies always warn about goes by the name of “insider threat.” Whether it’s intentional or by mistake, the resu...
https://hotforsecurity.bitdefender.com/blog/fbi-analyst-accused-of-stealing-and-hoarding-classified-data-including-on-cyber-threats-25873.html
Published: 2021 05 24 16:14:38
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar SSL Certificate Health Check

Article: Spikes in Holiday Fraud Expected as Travel Restrictions Ease in the UK, Action Fraud Warns - published over 3 years ago.
Content: As travel restrictions begin to ease, the UK’s national reporting center for fraud and cybercrime is warning the British public to watch out for holiday fraud. According to the latest public alert, holiday fraud has been a very lucrative business during the 2020-2021 financial year, inflicting losses of £2.2 million. Action Fraud says it had received 1,9...
https://hotforsecurity.bitdefender.com/blog/spikes-in-holiday-fraud-expected-as-travel-restrictions-ease-in-the-uk-action-fraud-warns-25875.html
Published: 2021 05 25 10:46:45
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Free Score Certificate

Cyber Tzar Goals

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Handling Pandemic Burnout While Balancing Digital Lifestyles and Cybersecurity - published over 3 years ago.
Content: We’re 15 months into the pandemic, and although many have learned to embrace work-from-home and social distancing measures, the struggles of isolation and lack of social contact have carved deep wounds into our psyche. Stuck at home with limited social interactions, individuals have found refuge online, spending hours in front of their screens. People go...
https://hotforsecurity.bitdefender.com/blog/handling-pandemic-burnout-while-balancing-digital-lifestyles-and-cybersecurity-25879.html
Published: 2021 05 25 10:58:19
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Twitter

Article: Malware exploited macOS zero-day flaw to secretly take screenshots. Update to Big Sur 11.4 now - published over 3 years ago.
Content: Apple Mac users are being advised to update their operating system as a matter of priority, after malicious hackers have discovered a way of bypassing the privacy protections built into Apple Macs. The vulnerability, allows attackers to gain permissions on vulnerable Macs without users’ granting explicit consent. Specifically, as security researchers ...
https://hotforsecurity.bitdefender.com/blog/malware-exploited-macos-zero-day-flaw-to-secretly-take-screenshots-update-to-big-sur-11-4-now-25884.html
Published: 2021 05 25 13:59:56
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Summary

Article: Microsoft to Pull the Plug on Internet Explorer 11 in 2022 - published over 3 years ago.
Content: Microsoft is preparing to retire the Internet Explorer 11 browser on June 15, 2022, but there are a few important caveats. If we consider those exceptions, it looks like IE will be around in some capacity even past then. Everyone knew the day would come when Microsoft finally ditched the old Internet Explorer browser. The company has been working towards...
https://hotforsecurity.bitdefender.com/blog/microsoft-to-pull-the-plug-on-internet-explorer-11-in-2022-25888.html
Published: 2021 05 25 14:25:25
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Cyber Tzar Twitter

Cyber Tzar Top Ten Vulnerabilities Explained

Article: FBI Issues Flash Advisory on Conti Ransomware Attacks Impacting Healthcare and First Responder Networks - published over 3 years ago.
Content: The Federal Bureau of Investigation has said in a flash announcement that the Conti ransomware group is responsible for at least 16 attacks targeting US healthcare and first responder networks within the last year. The victim organizations include law enforcement agencies, emergency medical services, 911 dispatch centers and municipalities, according to ...
https://hotforsecurity.bitdefender.com/blog/fbi-issues-flash-advisory-on-conti-ransomware-attacks-impacting-healthcare-and-first-responder-networks-25892.html
Published: 2021 05 26 08:44:14
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar LinkedIn page

Article: US Government Whips Pipeline Owners into Shape with New Cybersecurity Directive - published over 3 years ago.
Content: The US Transportation Security Administration (TSA) this week announced a directive that seeks to thwart cyber-attacks aimed at the oil & gas industry. Two weeks after the resounding ransomware attack on the largest gasoline pipeline in the US, the Department of Homeland Security’s Transportation Security Administration has announced a security direc...
https://hotforsecurity.bitdefender.com/blog/us-government-whips-pipeline-owners-into-shape-with-new-cybersecurity-directive-25894.html
Published: 2021 05 28 13:56:15
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Gold Score Certificate

Article: British Police Arrest Eight People in Smishing Fraud Case - published over 3 years ago.
Content: City of London and Metropolitan Police arrested eight men for allegedly sending fake messages and trying to trick people into paying a fee to retrieve a parcel, stealing their login credentials in the process. If you’ve ever wondered about the mechanism behind one of these spam campaigns, take a look at the investigation that ended with the arrest of sev...
https://hotforsecurity.bitdefender.com/blog/british-police-arrest-eight-people-in-smishing-fraud-case-25899.html
Published: 2021 05 28 16:29:58
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Analysis

Cyber Tzar LinkedIn page

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Interpol Thwarts Online Fraud Intercepting $83 Million Illicit Funds in the Asia-Pacific Region - published over 3 years ago.
Content: Amid increasing cyber-enabled financial crimes, Interpol announced its latest successful operation, which intercepted a whopping $83 million in illicit funds. According to a press release, law enforcement agencies in the Asia Pacific region opened more than 1,400 investigations between September 2020 and March 2021 Over six months, the Interpol-coordi...
https://hotforsecurity.bitdefender.com/blog/interpol-thwarts-online-fraud-intercepting-83-million-illicit-funds-in-the-asia-pacific-region-25905.html
Published: 2021 05 31 14:20:39
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Facebook page

Article: CISA and FBI Warn of New Spearphishing Campaign Targeting Government Organizations and NGOs - published over 3 years ago.
Content: The Cybersecurity and Infrastructure Security Agency (CISA) and FBI announced that a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs) is now active, affecting hundreds of different entities. While the U.S. agencies said that they hadn’t attributed this spearphishi...
https://hotforsecurity.bitdefender.com/blog/cisa-and-fbi-warn-of-new-spearphishing-campaign-targeting-government-organizations-and-ngos-25908.html
Published: 2021 05 31 16:31:29
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Impact Distribution

Article: Russian Citizen Will Serve 30 Months Behind Bars for Running Dark Web Marketplace for Stolen Personal Data - published over 3 years ago.
Content: Russian citizen Kirill Victorovich Firsov will serve 30 months in prison for administrating an underground website that fueled the cybercriminal community for nearly seven years. According to a press release, the defunct platform DEER.IO hosted around 3,000 shops that sold stolen credit card information, phone numbers, Social Security numbers, and servic...
https://hotforsecurity.bitdefender.com/blog/russian-citizen-will-serve-30-months-behind-bars-for-running-dark-web-marketplace-for-stolen-personal-data-25912.html
Published: 2021 06 02 12:49:25
Received: 2021 06 06 09:04:45
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Impact Assesment

Cyber Tzar Facebook page

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Babuk ransomware gang says it’s no longer interested in encrypting data, would rather kidnap it instead - published over 3 years ago.
Content: In the early days of ransomware things were fairly simple: malware would infect your company’s infrastructure, encrypting your valuable data with a secret key that was only known to your attackers. If you had shown the foresight of making secure backups in advance, you could get back up and running again. But if you had no backups, your only chance of ge...
https://hotforsecurity.bitdefender.com/blog/babuk-ransomware-gang-says-its-no-longer-interested-in-encrypting-data-would-rather-kidnap-it-instead-25910.html
Published: 2021 06 02 12:56:05
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar's Cyber Security Risk Score

Article: Pipeline Companies Will Be Fined $7,000 per Day if They Fail to Report a Breach – Reports - published over 3 years ago.
Content: TSA’s new directive mandating pipeline operators take cybersecurity seriously is being met with skepticism by experts. That includes rumors of a $7,000 penalty for each day that a breach goes unreported. Last week, the US Department of Homeland Security’s Transportation Security Administration announced a directive to “better identify, protect against, a...
https://hotforsecurity.bitdefender.com/blog/pipeline-companies-will-be-fined-7000-per-day-if-they-fail-to-report-a-breach-reports-25904.html
Published: 2021 06 02 13:21:28
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: CISA Issues New Guidance to Help Admins Map Threat Actor Moves Based on MITRE ATT&CK Framework - published over 3 years ago.
Content: The Cybersecurity & Infrastructure Security Agency (CISA) has released a set of best practices for mapping threat actor moves based on the MITRE ATT&CK framework. The objective is to encourage a common language in threat actor analysis, showing system administrators how to map adversary behavior through instructions and examples. CISA created the...
https://hotforsecurity.bitdefender.com/blog/cisa-issues-new-guidance-to-help-admins-map-threat-actor-moves-based-on-mitre-attck-framework-25921.html
Published: 2021 06 03 13:54:50
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Groups Explained

Cyber Tzar's Cyber Security Risk Score

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Facebook Says WhatsApp Users Can Still Use the App if They Don’t Accept the New Terms - published over 3 years ago.
Content: Facebook announced that WhatsApp won’t limit the app’s functionality for users who don’t accept the company’s proposed policy changes, backtracking on an earlier announcement saying the messaging app would slowly become unusable. Facebook’s original announcement regarding the WhatsApp policy changes miffed many users. They were told they had to agree to ...
https://hotforsecurity.bitdefender.com/blog/facebook-says-whatsapp-users-can-still-use-the-app-if-they-dont-accept-the-new-terms-25924.html
Published: 2021 06 03 14:25:30
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

More than just a Cyber Risk Score

Article: Planning Your Summer Vacation? Here’s What You Need to Know to Avoid Holiday Booking Fraud - published over 3 years ago.
Content: As countries across the globe ease Covid-19 restrictions for travel, consumers are preparing for a much-anticipated summer vacation. However, as the hospitality sector is off to a steady reboot, it’s not just vacationers who are excited about the prospects of relaxing at a beachside villa. Fraudsters and scammers are in full attack mode as they prepare t...
https://hotforsecurity.bitdefender.com/blog/planning-your-summer-vacation-heres-what-you-need-to-know-to-avoid-holiday-booking-fraud-25927.html
Published: 2021 06 04 09:15:09
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: White House Tells US Businesses to Deploy EDR in Wake of Ransomware Spat - published over 3 years ago.
Content: The Biden administration is calling on businesses to take measures against a growing ransomware threat across the United States, urging both private and public organizations to raise effective defenses against threat actors. In an open letter to corporate executives and business leaders, Anne Neuberger, Deputy Assistant to the President and Deputy Nation...
https://hotforsecurity.bitdefender.com/blog/white-house-tells-us-businesses-to-deploy-edr-in-wake-of-ransomware-spat-25930.html
Published: 2021 06 04 10:49:04
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

More than just a Cyber Risk Score

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Currently Active WordPress Plugin Vulnerability Lets Attackers Take Full Control, Research Finds - published over 3 years ago.
Content: Security researchers have identified a vulnerability in the Fancy Product Designer plugin for WordPress that attackers are using right now in the wild, allowing them to upload malware to websites that use the plugin. Countless malware campaigns use vulnerable websites to distribute compromised files or extract data. One way attackers do this is by taking...
https://hotforsecurity.bitdefender.com/blog/currently-active-wordpress-plugin-vulnerability-lets-attackers-take-full-control-research-finds-25932.html
Published: 2021 06 04 10:54:13
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Suppliers and just a Supply Chain Management

Article: Google to Scan Extension for Chrome to Weed out Malicious Files - published over 3 years ago.
Content: Google announced that it’s strengthening the security of its Chrome browser by extending the functionality of Enhanced Safe Browsing to let users filter out malicious extensions. One of Google Chrome’s strengths is the ability to install extensions to improve the user experience. Users can also manually install extensions, from outside the official store...
https://hotforsecurity.bitdefender.com/blog/google-to-scan-extension-for-chrome-to-weed-out-malicious-files-25934.html
Published: 2021 06 04 11:55:00
Received: 2021 06 06 09:04:44
Feed: HOTforSecurity
Source: HOTforSecurity
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: Welcome - published about 16 years ago.
Content: Welcome to the HappyPacket.net Blog. I'm hopefully going to be getting some of my content up soon, but I wanted to first do a post to talk about what I hope to put here. My current goal for this blog is to act as a source for new and interesting things in the computer security industry, as well as to post some of the projects that I'm working on. Most rec...
http://blog.happypacket.net/2008/09/welcome.html
Published: 2008 09 18 13:35:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Suppliers and just a Supply Chain Management

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Fyodor Speaks on Internet DOS Attack - published about 16 years ago.
Content: Fyodor has a great writeup on what's going on with the TCP Resource Exhaustion DOS attack. You can read about it here: http://insecure.org/stf/tcp-dos-attack-explained.html . This makes sense based on what has been talked about. This seems to be a problem that has been around for a while, but as there has been confirmation that these packets can't be forge...
http://blog.happypacket.net/2008/10/fyodor-speaks-on-internet-dos-attack.html
Published: 2008 10 07 04:31:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar's approach to Security Rating Services

Article: Chris Gates New School Information Gathering - published about 16 years ago.
Content: Chris Gates presentation from ToorconX has been posted on his blog: http://carnal0wnage.blogspot.com/2008/10/new-school-information-gathering.html . This is a great slide-deck. His presentation covers quite a few things from using Maltego through looking at meta data from published documents to discover user names, userids, and file paths. Much of this st...
http://blog.happypacket.net/2008/10/chris-gates-new-school-information.html
Published: 2008 10 07 05:34:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: BeEF injection with Metasploit Payloads - published about 15 years ago.
Content: Wade Alcorn has released the latest version of the Browser Exploit Framework or BeEF for short. This version has some new features in it, including the code that I worked on for the Security BSides presentation. I encourage you to go over to http://www.bindshell.net and download the latest version of BeEF and try it out. If you don't know how to get star...
http://blog.happypacket.net/2009/09/beef-injection-with-metasploit-payloads.html
Published: 2009 09 20 00:28:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Cyber Tzar's approach to Security Rating Services

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Thoughts on SecTor - published about 15 years ago.
Content: Last week I had the opportunity to speak at SecTor: Canada's Premier IT Security Conference. I had heard positive feedback regarding the conference from previous years and as the conference is only in its 3rd year the number of attendees was impressive. I have attended a number of other conferences in the past year including ShmooCon, BlackHat and ...
http://blog.happypacket.net/2009/10/thoughts-on-sector.html
Published: 2009 10 12 13:32:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Risk Impact Assessments from Cyber Tzar

Article: PSExec Scanner via Metasploit XMLRPC - published almost 15 years ago.
Content: I was inspired by Jabra's excellent post on creating a PSExec scanner with Metasploit and Perl to demonstrate how this same thing could be done locally or remotely using XMLRPC. The original post by Jabra is also a good way to do this, and can be found here: http://spl0it.wordpress.com/2009/12/17/metasploit-psexec-scanner-via-perl/Python and libxmlrpc make ...
http://blog.happypacket.net/2009/12/psexec-scanner-via-metasploit-xmlrpc.html
Published: 2009 12 17 18:50:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Re-Score Report

Article: Sharing data remotely through Metasploit - published over 14 years ago.
Content: I've been working on some more XMLRPC stuff for Metasploit, and I wanted to share just a teaser for what is to come in the future. I'm working on some more integration between tools, but for now I have written a db module for Metasploit's XMLRPC engine which allows remote processes to get information from the database. Below is a quick demo of a remote hos...
http://blog.happypacket.net/2010/06/sharing-data-remotely-through.html
Published: 2010 06 17 19:31:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Risk Impact Assessments from Cyber Tzar

Cyber Tzar Marketplace Benchmark

Article: Fun with Metasploit payload generation - published over 14 years ago.
Content: Tonight has been fun, I have been learning more about how payloads are generated inside Metasploit. My goal was to figure out how to add the msfencode functionality into the generate_simple function that is used by both XMLRPC and the console so that you can encode payloads and all that fun stuff from within Metasploit. I think I have it working now, and on...
http://blog.happypacket.net/2010/07/fun-with-metasploit-payload-generation.html
Published: 2010 07 23 05:39:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar's Automated Penetration Test

Article: Slides and Code from Vegas - published over 14 years ago.
Content: Thanks to all who came to see me present this week. I had a great time. I have gotten some good feedback from folks, and so I'm going to be updating a lot of code in the near future. Until then, I've put slides and code online for now. As I go through and clean up some stuff and release production versions I will be posting videos online. Until then, her...
http://blog.happypacket.net/2010/08/slides-and-code-from-vegas.html
Published: 2010 08 02 22:16:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Derbycon - published about 13 years ago.
Content: It's been busy here. I've been getting ready to present at SecTor in Toronto, and at Triangle InfoSec Con in Raleigh next week.But, I wanted to take a few minutes to update the blog about Derbycon. Derbycon was incredible. I am humbled and grateful that the organizers allowed me to participate, and I look forward to being able to attend next year. It was gre...
http://blog.happypacket.net/2011/10/derbycon.html
Published: 2011 10 17 01:02:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Cyber Tzar's Automated Penetration Test

Cyber Tzar Benchmark Summary

Article: New MSFRPC Post - published almost 13 years ago.
Content: I have posted a new article about using MSFRPC over at http://blog.spiderlabs.com. This post will walk you through how to talk to Metasploit using Python and show off some new code that I released as part of SpiderLabs Git Repo at : https://github.com/SpiderLabs/msfrpc. Let me know if you have thoughts or suggestions.
http://blog.happypacket.net/2012/01/new-msfrpc-post.html
Published: 2012 01 15 01:56:00
Received: 2021 06 06 09:04:44
Feed: Happy Packet Blog
Source: Happy Packet Blog
Category: Cyber Security
Topic: Cyber Security

Pen Testing at Cyber Tzar

Article: Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041 - published about 10 years ago.
Content: IntroductionSame Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern browsers, the basic idea behind the SOP is the javaScript from one origin should not be able to access the properties of a website on another origin. The origin is formed by the combination of Scheme, domain and port with the port being an excepti...
http://www.rafayhackingarticles.net/2014/08/android-browser-same-origin-policy.html
Published: 2014 08 31 09:33:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Indepth Code Execution in PHP: Part Two - published about 10 years ago.
Content: This is a continued post from Code Execution in PHP; you can read the first post here, so if you haven't read that before please go ahead and read it first or else you would have problem understanding the second part.“…It’s no secret that PHP is an easy language to which anyone with amateur coding skills could work with and as a rule with poor knowledge of b...
http://www.rafayhackingarticles.net/2014/09/indepth-code-execution-in-php-part-two.html
Published: 2014 09 20 18:39:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Pen Testing at Cyber Tzar

Cyber Tzar Change Over Time (Basic)

Article: A Tale Of Another SOP Bypass In Android Browser < 4.4 - published about 10 years ago.
Content: Since, my recent android SOP bypass [CVE-2014-6041] triggered a lot of eruption among the infosec community, I was motivated to research a bit more upon the android browser, it turns out that things are much worse than I thought, I managed to trigger quite a few interesting vulnerabilities inside of Android browser, one of them being another Same Origin Poli...
http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html
Published: 2014 10 02 11:53:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Shift Left and SecDevOps Integration

Article: Common Attacks Against Modems - published almost 10 years ago.
Content: 0x01: Introduction to ModemsThe term DSL modem is technically used to describe "a modem which connects to a single computer, through a USB port or is installed in a computer PCI slot". The more common DSL router which combines the function of a DSL modem and a home router is a standalone device which could be connected to multiple computers through multiple ...
http://www.rafayhackingarticles.net/2014/12/common-attacks-against-modems.html
Published: 2014 12 14 19:40:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Bad Meets evil - PHP meets Regular Expressions - published almost 10 years ago.
Content: twiThis article would briefly discuss the reason why Regular Expressions might not be suitable for filtersand how things could turn miserably bad when PHP comes is used with Regular Expressions. The post would then continue with the write-up of a relevant scenario based challenge, and finally will conclude with the author’s opinion on the topic.Common pitfal...
http://www.rafayhackingarticles.net/2014/12/bad-meets-evil-php-meets-regular.html
Published: 2014 12 25 11:33:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Shift Left and SecDevOps Integration

Cyber Tzar Port Vulnerability Scan Report

Article: Android Browser Cross Scheme Data Exposure + Intent Scheme Attack - published almost 10 years ago.
Content: tl;dr This exploit is an issue present in Android browser < 4.4 and several other android browsers which allows an attacker to read sqlite cookie database file and hence exposing all cookies. Along with it we also talk about a Cross Scheme Data exposure attack in Android < 4.4.IntroductionDuring my research on ASOP (Stock Browser) I found out that is i...
http://www.rafayhackingarticles.net/2014/12/android-browser-cross-scheme-data.html
Published: 2014 12 29 10:00:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar's Third Party Risk Management

Article: Android Browser Kitkat Content Spoofing Vulnerability - published over 9 years ago.
Content: The following is a low risk vulnerability that was found few months ago while testing the latest Android Stock browser on Android Kitkat. The issue that was found is commonly referred as Content spoofing Vulnerability or dialog box spoofing vulnerability which could be used to fake an alert message on a legitimate website.In other words, i could display an ...
http://www.rafayhackingarticles.net/2015/03/android-browser-kitkat-content-spoofing.html
Published: 2015 03 12 05:41:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: CSP 2015 Capture The Flag Writeup - published over 9 years ago.
Content: On 11th April Giuseppe Trotta and myself organized a CTF (Capture The Flag) competition for Cyber Secure Pakistan (A conference that combines all the stakeholders). The challenge was hosted on hack.me and contained 9 different challenges, some challenges itself contained sub-challenges. Overall, we received great feedback from vast majority of participants. ...
http://www.rafayhackingarticles.net/2015/04/csp-2015-capture-flag-writeup.html
Published: 2015 04 18 07:31:00
Received: 2021 06 06 09:04:44
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Cyber Tzar's Third Party Risk Management

Cyber Tzar Port Vulnerability Scan Report

All Articles

Ordered by Date Received : Year: "2021" Month: "06"
Page: << < 193 (of 221) > >>

Total Articles in this collection: 11,093

"All Articles" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
Only Published Date selections use the articles Published Date.
The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
All subsequent pages show fifty items.
Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
"<<" moves you to the first page (aka newest articles)
">>" moves you to the last page (aka oldest articles)
"<" moves you to the previous page (aka newer articles)
">" moves you to the next page (aka older articles)
Return to the top of this page Go Now

Ordered by Date Received : Year: "2021" Month: "06" Page: << < 193 (of 221) > >>

Total Articles in this collection: 11,093

Ordered by Date Received : Year: "2021" Month: "06" Page: << < 193 (of 221) > >>

Total Articles in this collection: 11,093

Navigation Help

Custom HTML Block

Ordered by Date Received : Year: "2021" Month: "06"
Page: << < 193 (of 221) > >>

Ordered by Date Received : Year: "2021" Month: "06"
Page: << < 193 (of 221) > >>