Fireship·2yThe Internet's most broken protocol
The Border Gateway Protocol (BGP), a critical component of the Internet, has been at fault for several major outages and security breaches, as it was designed without stringent modern security measures. To mitigate these issues, a new solution involving the Resource Public Key Infrastructure (RPKI) is being implemented to cryptographically sign route announcements, though adoption is varied globally.
David Bombal·2yHacking networks with Python (FREE CCNA 200-301 Course 2024)
The post is part of a CCNA course focused on practical demonstrations using real equipment like Cisco switches and Kali Linux. It covers the concepts of root guard and BPDU guard, showing how these features can protect a network's spanning tree topology. The author uses a Python script to simulate network attacks and demonstrates how to secure the network using these tools. The post highlights the availability of free and paid training materials on Cisco U, where readers can practice along with the demonstrations.
The New Stack·2yMost Dangerous JavaScript Vulnerabilities To Watch For in 2025
JavaScript remains a top programming language but is vulnerable to various security threats. These include advanced XSS attacks, CSRF, server-side JS injection, formjacking, prototype pollution, IDOR, and supply chain attacks. To mitigate these risks, developers need to implement secure coding practices, including correct input validation, use of security tokens, and regular integrity checks.
Semaphore·2yAPI Security Best Practices: Protecting Your Data in Transit
APIs are essential for modern web development, making them prime targets for cyberattacks. Securing APIs involves best practices such as encrypting communication via HTTPS, authenticating endpoints, using API gateways, enforcing fine-grained access control, and implementing rate limiting. Regular audits, penetration tests, and the use of security tools like linters, SCA, and SAST tools are also crucial. Following established security standards, such as those from OWASP, can further fortify API security.
Snyk·2yWhat you should know about PHP security vulnerabilities
PHP is a popular scripting language for web development, which makes it a target for hackers. Developers must understand PHP security risks like SQL Injection and code injection, and use practices like sanitizing inputs, using prepared statements, and regularly updating dependencies to mitigate these risks. Tools like Snyk can automate the process of identifying and fixing vulnerabilities in PHP applications, ensuring compliance and protecting against breaches.
An0n Ali·2yHow to Use AI for OSINT?
Learn how to leverage AI for Open Source Intelligence (OSINT) by automating data scraping from social media profiles and using tools like ChatGPT and Lenso.ai for advanced search and analysis. This guide discusses how AI can help in tasks such as personality analysis, behavior assessment, and even facial recognition from old photos. It also highlights potential misuse and ethical concerns related to AI in OSINT.
strongdm·2y15 Kubernetes Security Best Practices in 2024
Kubernetes has transformed software development but requires rigorous security practices to manage its complexities. Key best practices include implementing Role-Based Access Control (RBAC), using network policies, securing secrets management, enforcing immutable container images, continuously scanning for vulnerabilities, and adopting a Zero Trust Architecture. Other steps include implementing least privilege access, monitoring and auditing activities, using multi-factor authentication, regularly updating clusters, hardening configurations, encrypting data, establishing backup procedures, applying Pod Security Standards, and educating teams on security protocols. Utilizing a Zero Trust PAM solution can facilitate the implementation of these practices effectively.
Hacker News·2yMicrosoft's 'Recall' feature can't be uninstalled after all
Windows 11 users will not be able to uninstall Microsoft's 'Recall' feature despite earlier reports suggesting otherwise. Recall, a feature that takes constant screenshots for easy retrieval of past activities, was listed as removable due to a bug. Microsoft confirmed it will correct this in an upcoming update. The feature has faced criticism for its potential cybersecurity risks and is being investigated for privacy violations. Initially set for a June release, it has now been postponed to October for Windows Insiders testing.
AlternativeTo·2yKali Linux 2024.3 launches with 11 new hacking tools and enhanced Raspberry Pi support
Kali Linux 2024.3 introduces 11 new hacking tools and enhances Raspberry Pi support, including compatibility with the Raspberry Pi 4 Compute Module Wi-Fi and Qualcomm Snapdragon SDM845 SoC devices. Features include tools like graudit for source code auditing, gsocket for cross-network communication, and sprayhound for password spraying, among others. The update also integrates Linux kernel 6.6 LTS for Raspberry Pi 5 and reverts to Linux 6.1 LTS for improved Pinebook compatibility. Enhancements for mobile penetration testing and ARM-based systems are also included.
CSO Online·2y12 dark web monitoring tools
Enterprises can proactively safeguard against data breaches and leaks by using dark web monitoring tools, which scan for compromised data and provide crucial threat intelligence. These tools help detect and respond to cyberattacks, fraud, phishing, and brand spoofing. Various tools like Brandefense, CrowdStrike, CTM360, and others offer specialized functionalities such as real-time threat detection, AI-driven insights, and integration with existing security frameworks, making them essential for comprehensive cybersecurity strategies.
Tech With Tim·2yThese Coding Niches Will Make You $$$$ in 2024
Explore five high-paying coding niches for 2024: artificial intelligence and machine learning, data science, blockchain development, cyber security, and DevOps. From creating algorithms for AI to protecting sensitive data in cyber security, these fields offer lucrative opportunities for tech professionals.
Lobsters·2ySSH Keystroke Obfuscation Bypass
OpenSSH 9.5 introduced keystroke timing obfuscation to mitigate timing attacks via traffic analysis. Despite this, a researcher discovered a bypass that allows keystroke packets to be identified among the obfuscating 'chaff' packets. Using SSHniff and latency analysis tools, the researcher could infer commands typed during an SSH session, highlighting shortcomings in the current obfuscation methods. The bypass involves recognizing larger packet sizes produced during user keystrokes after the chaff has been triggered.
Low Level Learning·2yThis Tool Makes Bug Hunting WAY Too Easy!
The CH341a is a low-cost tool used to easily extract and manipulate firmware from various electronic devices like routers. It allows users to read and flash NOR flash memory without desoldering, making it efficient for bug hunting and security research. The post discusses the process of using this device on a common Wi-Fi router, ethics in firmware reverse engineering, and some basic steps for analyzing the extracted firmware.
Eric Parker·2yHow to Check if your PC is Hacked
Learn how to check if your computer has been hacked, specifically focusing on remote access Trojans (RATs) and info stealers. This guide covers red flags such as disabled administrator functions and tamper protection, how to detect malware using tools like CIS Internals, and steps to take if your system is compromised, including reinstalling Windows and changing all passwords.
David Bombal·2yNever access the Dark Web without doing this! (Tor and Telegram demos)
The post provides insights into safely navigating the dark web, focusing on operational security (OPSEC). It highlights the importance of using secure tools like Tor and Telegram while discussing the risks of encountering illegal content. The post also mentions reputable sources like the Dark Net Marketplace Bible for OPSEC best practices. Additionally, it promotes TCM Security's certifications, which include comprehensive training and practical exams in penetration testing.
The New Stack·2y3 API Vulnerabilities Developers Accidentally Create
Ethical hacker Katie Paxton-Fear highlights common API vulnerabilities that developers often overlook, emphasizing the importance of understanding application logic and prioritizing security. Examples include improper authentication mechanisms and ignoring the necessity of documentation. Paxton-Fear argues that tackling these issues requires a shift in IT culture to prioritize security alongside development tasks.
InfoSec Write-ups·2yLarge-Scale Data Exfiltration: Exploiting Secrets in .env Files to Compromise Cloud Accounts and Inflict Severe Business Degradation
Researchers from Palo Alto Networks’ Unit 42 uncovered a large-scale cyber attack targeting cloud environments by exploiting secrets in .env files. The attack involved five phases: Initial Access, Account Discovery, Privilege Escalation, Malicious Execution, and Data Exfiltration. The attackers gained access to AWS environments, escalated privileges, executed malicious code, and exfiltrated data from S3 buckets, leaving ransom notes. Understanding the structure of AWS IAM roles and implementing security best practices are critical to mitigate such threats.
Eric Parker·2yReverse Engineer malware QUICKLY with a Sandbox
Learn how to quickly reverse engineer malware using a sandbox environment. The tutorial covers various tools and settings, including mitm proxy and fake net, to analyze malware behavior, even when it tries to evade detection. Key features of using a sandbox such as detecting ransomware and capturing network activities are emphasized, providing practical insights into malware analysis.
Latest Hacking News·2yHow to check suspicious links fast?
Cyber attackers are becoming more sophisticated, so it's crucial to use up-to-date tools like ANY.RUN’s Safebrowsing to check suspicious links. This tool allows you to enter a URL into a secure environment for fast analysis. You can navigate the site safely, receive alerts about malicious activities, and generate detailed reports on potential threats. Organizations can empower employees to use these tools to prevent phishing attacks without needing security team intervention.
Descope·2yWhat Are AITM Attacks and How To Protect Against Them
Adversary-in-the-middle (AITM) attacks are sophisticated cyber threats where attackers intercept communication between a user and a legitimate service, often utilizing phishing-as-a-service schemes. These attacks can bypass protections like multi-factor authentication (MFA) and exploit methods like reverse web proxies and browser-in-the-middle (BiTM) programs. Best practices for defense include robust MFA and session security, granular conditional access policies, and continuous monitoring for threats.
freeCodeCamp·2yWhat is Cache Poisoning? How Hackers Manipulate Web Caches and How to Avoid It
Web caches enhance browsing speed by storing copies of web pages and resources, but they can be exploited through cache poisoning, where hackers manipulate stored data to serve malicious content. This can happen via host header attacks, HTTP parameter pollution, and Vary header manipulation. Protection measures include proper input validation, using secure caching headers, controlling cache key settings, and implementing HTTPS.
Low Level Learning·2yThis Hacker Can HEAR YOUR MEMORY?!
A researcher has discovered the Rambo attack, a novel cyber-attack technique that uses electromagnetic signals from a computer's RAM to covertly extract data from air-gapped networks. This method involves writing data to RAM in a particular sequence to create electrical noise, which can then be captured and decoded by an external device. The only effective countermeasures include working in a shielded room or using a Faraday cage.
David Bombal·2yWiFi Hacking Watch (Next Level Stealth)
This post discusses the capabilities of a WiFi hacking smartwatch called the WiFi Commander, which can perform de-auth attacks and beacon attacks to disrupt WiFi networks. It highlights various features of the watch, such as its compact design, 2.4 GHz limitation, and lack of instructions. The author demonstrates how the watch can disconnect devices from a network and create fake access points. Important advice is provided on improving WiFi security against such attacks, including using WPA3, 5 GHz, complex passwords, and other security measures.
