TECHNICAL Introduction To Serverless Security: Part 1 - Dependencies Infosec writer Miguel A. Calles argues it is a good idea to review which packages you import, the dependency tree, and known vulnerabilities when writing your serverless application.
INFOSEC Small Businesses Need Remote Browsers More Than The Enterprise Small businesses need the protection of remote browser isolation more than large businesses, because their cost of failure is catastrophically higher.
TECHNICAL PowerShell Logging and Security This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse.
TECHNICAL Homegrown Cyber Threat Intelligence With STIX2 and Couchbase Threat intelligence is an important part of incident response and vulnerability management. In this article, we show you how to create and archive threat intelligence, without paying vendors, using STIX and Couchbase.
INFOSEC Furious Fapping & Your Privacy The UK's PORN BLOCK is bringing back the embarrassing old days of buying dirty magazines at the newsagents for the new digital generation.
INFOSEC Someone May be Listening To You Through Your Smart Speaker The best way to protect your privacy with smart speakers is not to have one, because when you speak to it a stranger might be listening in.
INFOSEC How To Choose A Virtual Private Network (VPN) Provider This article will help you cut through the VPN vendor marketing confusion and help you choose a provider who is serious about your privacy.
INFOSEC The Mental Health Hackers We rarely talk about mental health issues in the infosec space, but it is both healthy and positive for everyone if we can talk about them openly, without judgement.
INFOSEC Tips For Awesome Infosec Conferences Security researcher Abartan Dhakal just returned from his first infosec cons. Here are his top tips for getting the best out of your conference trips.
INFOSEC SAST Isn't Code Review Static Application Security Testing (SAST) is useful for checking your source code to find potential security vulnerabilities, but it isn't Code Review.
The Eternal Password Riddle Despite constant technological innovation going on all around us, password management still feels like a riddle, which is a good excuse for a deep dive into information entropy.
TECHNICAL Curling With Hack The Box A fantastic technical write-up of the Curling box challenge from Hack The Box, by security researcher aPirateMoo.
INFOSEC Never Post A Picture Of Your Boarding Pass On Social Media Posting your boarding pass on social media may seem like a cool thing to do, but here are a ton of reasons why you shouldn't.
CYBERSEC Credential Stuffing Attacks Are Rising In Popularity, But They're Easy to Stop Why have rudimentary attacks such as credential stuffing become so common? Because hackers prefer to spend their time using more efficient and less costly attack methods.
INFOSEC Disclosure of Origin IP of The Exploits Trading Platform 0day.today Ever wondered where the origin server for the popular zero day exploit platform 0day.today is?
TECHNICAL PowerShell CLM Bypass Using Runspaces Learn about PowerShell's Constrained Language Mode (CLM) and one of the ways you can bypass it using Runspaces.
INFOSEC How To Train Your Social Team To Deal With Security Researchers A guide for leaders who want to train their social media teams to deal with researchers reporting cyber security issues.
TECHNICAL How To Harden Your Docker Containers Properly securing your containers can be time-consuming. This technical walkthrough will guide you through the steps involved in hardening your containers.
CYBERSEC What You Don't Know Can Hurt You “What you don’t know can't hurt you” is an old saying which does not really apply to infosec.
OSINT The Stoic Approach To OSINT The deep thinker's approach to OSINT. What if all you had was a search engine? A complete and total focus on observable evidence linked by inferences.
TECHNICAL Investigation - A Fraudulent App With Some Dangerous Permissions A security researcher is hot on the trail of the creators of a fraudulent Android app with some dangerous permissions, in this ongoing investigation and analysis.
INFOSEC The Poetry Of Infosec Let it never be said that the information security space does not have a poetic side. This Valentine's Day we saw an outpouring of romantic prose.
CTF HackTheBox Giddy Write Up Join security researcher Shaksham Jaiswal on a technical deep dive into HackTheBox's Giddy CTF.
TECHNICAL DNS over HTTPS (+ModSecurity WAF) One of the problems with DNS is that a query is sent over an unencrypted connection, so anyone listening to the packets knows the websites you visit.
INFOSEC Long Live Non-Profits The infosec community faces a unique challenge in persuading young talent not to do anything dumb or illegal and helping them positively harness their skills.