SecureList

MARCH 12, 2024

During one of the projects, an SQL injection into an application that was open to signup by any internet user let us obtain the credentials of an internal system administrator. Mitigation: use parameterized SQL queries in application source code instead of combining them with a SQL query template.

Passwords 116

Passwords Authentication Architecture Risk 116

IT Security Guru

JANUARY 12, 2021

I wrote this article in an attempt to answer the most common questions that people have about making a career in cybersecurity. IoT (Internet of Things) Security. System Administrator (or, sysadmin). Weighing in on the most common questions. Secure Software Development. Secure DevOps. Web/Mobile Application security.

Cybersecurity 67

Cybersecurity Government IoT Penetration Testing 67

Spinone

DECEMBER 26, 2018

In this article we will learn how to address and effectively respond to major enterprise cybersecurity threats and provide tips to mitigate IT security risk. Today, c yber security incidents lead to significant damage, alarming organizations of all types and sizes in different geographic locations.

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

Digital Shadows

AUGUST 17, 2021

It could be a system administrator who has access to sensitive defense information and recently just met an attractive fitness influencer on social media (hello, Iran !). A compromised customer account might use business email compromise tactics to phish everyone in that customer’s circle.

Phishing 52

Phishing Accountability Social Engineering Mobile 52

eSecurity Planet

MAY 19, 2022

This article looks at the security functionality of SD-WAN solutions and how to bolster SD-WAN cybersecurity. This cloud-centric model offers administrators granular network management opportunities while leveraging the bandwidth and reducing the cost of service delivery. Jump ahead for a technical review on SD-WAN. SDN vs SD-WAN.

Firewall 57

Firewall Architecture Software Backups 57

eSecurity Planet

MARCH 25, 2022

This article looks at the remote desktop protocol, how RDP attacks work, best practices for defense, the prevalence of RDP attacks today, and how remote desktop software vendors are securing their clients. Also read : Best Internet Security Suites & Software. Defending Against RDP Attacks: Best Practices.

VPN 120

VPN Software Authentication Encryption 120

SiteLock

MARCH 10, 2022

In this article, we look at a simple and obvious stylesheet injection attack and discuss how this could have been a lot worse. However, in combination with the techniques we found in last month’s article , this could have been significantly harder to detect. Background. Overall, this injection was dangerous but easy to spot.

Malware 52

Malware System Administration Internet Internet 52

SecureList

OCTOBER 12, 2023

In this article, we’ll describe their new toolset, the malware used to steal and exfiltrate data, and the techniques used by this group to move laterally and conduct espionage operations. SCRIPT_NAME%.ps1

Encryption 127

Encryption Passwords Malware Firewall 127

ForAllSecure

MAY 26, 2022

He was indicted on charges of stealing millions of academic articles and journals from a digital archive at MIT. Vamosi: In 2002, I wrote an article for ZDNET titled “Jail Time is Not The Answer to Cyber Crime.” But MIT didn’t press charges. So it's kind of a business model, right? It's part of it.

Hacking 52

Hacking Technology InfoSec Media 52

Security Boulevard

JUNE 20, 2022

Historically, Microsoft recommended using the Enhanced Security Admin Environment (ESAE) architecture to provide a secure environment for AD administrators to prevent full compromise of a production forest in case of compromise of non-admin users. As an example, this article explains how to detect users added to Domain Admins.

Accountability 52

Accountability Risk Authentication Passwords 52