How to Become an Ethical Hacker

How to Become an Ethical Hacker – Ethical hacking is the perfect career choice for those interested in problem solving, communication and IT security. Here’s what it takes to become a white hat hacker. An essential guide to becoming an ethical hacker: I receive lots of emails asking for guidance on how to become an ethical hacker. Most requests are on how to become a black hat hacker, which are usually ignored. Let’s take a look at the definition of an ethical hacker. How…


Digitally Signed Bandook Malware Once Again Targets Multiple Sectors

A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy “dozens of digitally signed variants” of the Bandook Windows Trojan over the past year, thus once again “reigniting interest in this old malware family.” The different verticals singled out by the threat actor…


What is Key Server in Cryptography?

What is Key Server in Cryptography? – At last we turn to key management. This is, without a doubt, the most difficult issue in cryptographic systems, which is why we left it to near the end. We’ve discussed how to encrypt and authenticate data, and how to negotiate a shared secret key between two participants. Now we need to find a way for Alice and Bob to recognize each other over the Internet. As you will see, this gets very complex very quickly. Key management is especially difficult because it…


2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account. The issue, tracked as “SEC-575” and discovered by researchers from Digital Defense, has been remedied by the company in versions 11.92.0.2, 11.90.0.17, and 11.86.0.32 of the software. cPanel and WHM (Web Host Manager) offer a Linux-based control panel for users to handle website and server management, including tasks such as adding sub-domains and performing…


What is Message Authentication Codes?

What is Message Authentication Codes? – A message authentication code, or MAC, is a construction that detects tampering with messages. Encryption prevents Eve from reading the messages but does not prevent her from manipulating the messages. This is where the MAC comes in. Like encryption, MACs use a secret key, K, known to both Alice and Bob but not to Eve. Alice sends not just the message m, but also a MAC value computed by a MAC function. Bob checks that the MAC value of the message received equals the…


Vulnerability Scanning

Vulnerability Scanning – Vulnerability discovery is an integral part of any security assessment. While we prefer manual, specialized tasks that leverage our knowledge and experience during a security audit, automated vulnerability scanners are nonetheless invaluable when used in the proper context. In this module, we will provide an overview of automated vulnerability scanning, discuss its various considerations, and focus on both Nessus and Nmap as indispensable tools. How Vulnerability Scanners Work: Vulnerability scanner implementations vary, but generally follow a standard workflow. Most automated scanners will: Detect if a target…


Prevention DoS/DDoS Attacks

Prevention DoS/DDoS Attacks – Distributed attack tools leverage bandwidth from multiple systems on diverse networks to produce potent denial-of-service attacks. To a victim, an attack may appear from different source addresses, whether or not the attacker employs IP source address spoofing. Responding to a distributed attack requires a high degree of communication among Internet sites. Prevention is not straightforward because of the interdependency of site security on the Internet; the tools are typically installed on compromised systems that are outside of the administrative control of future denial-of-service attack targets. Prevention…


How WPA Works

How WPA Works – WPA, or Wi-Fi Protected Access, was developed as “WEP’s replacement.” There are two versions of Wi-Fi Protected Access: WPA and WPA2. The original WPA standard was intended as a temporary replacement for WEP while the 802.11i (WPA2) standard was being developed. Because of the way WPA works, it was able to run on most existing wireless cards and access points through a simple firmware update. The technology that allows WPA to work on existing hardware is TKIP, the Temporal Key Integrity Protocol. We won’t go too…


Types Of Phishing Attacks

Types Of Phishing Attack – Phishing is an Internet scam where the user is convinced to divulge personal and confidential information. Phishers trick users with offers of money or other inducements in order to get users to give them personal information. The main purpose of phishing is to get access to the customer’s bank accounts, passwords, and other security information. Man-In-The-Middle Attacks: In this attack, the attacker’s computer is placed between the customer’s computer and the real Web site. This helps the attacker track communications between…


What Is DarkNet?

What Is DarkNet? – The secret world of the Darknet isn’t entered through any gate, but through TOR, which stands for “The Onion Router”. The term “onion” refers to the layers that the information has to pass through: unlike ordinary browsing, the PC doesn’t connect directly to the server where the site is hosted. Rather, a whole chain of servers takes part in the connection so as to produce the best possible anonymity. The First Layer: Entry Point. The entry point (Server 1) to the TOR system…
