INFOSEC

A Beginners Guide To The Dark Net & Protecting Yourself When Using It

You already know about the surface web, it is the home of websites like Amazon, Google, and YouTube, but have you ever been to the dark web?

INFOSEC

Chinese Threat Intelligence: Part Three

In part three of Viking Sec's series on Chinese threat intelligence, we look at how China evolved from starving farmers into APT1.

A Hacking Methodology Explainer

In this explainer I will attempt to explain hacking methodology in simple terms, because it can often be difficult for infosec outsiders to understand even the most commonly used terms.

CYBERSEC

Chinese Threat Intelligence: Part 2

In part two of this three part series on Chinese threat intelligence we learn about Chinese Nationalism and the Chinese nation state hacking scene.

TECHNICAL

Introduction To Serverless Security: Part 2 - Input Validation

Infosec writer Miguel A. Calles illustrates the importance of input validation in serverless environments where there are multiple input sources.

CYBERSEC

Secure Browsing: My Personal Journey

Infosec writer Miguel A. Calles shares his journey to secure web browsing and a review on a service that helped him achieve his browsing strategy with remote browser isolation.

INFOSEC

Chinese Threat Intelligence: Part 1

A modern primer on threat intelligence in China and a non-specific inventory of the threats we're facing from China. Part one of a three part series.

TECHNICAL

How To Technically Deal With An Intrusion On A Windows System

It's late in the evening, you're getting ready to sleep when your phone rings, it's one of your relatives, "I think someone hacked into my computer, I need help". What's your next move?

TECHNICAL

Introduction To Serverless Security: Part 1 - Dependencies

Infosec writer Miguel A. Calles argues it is a good idea to review which packages you import, the dependency tree, and known vulnerabilities when writing your serverless application.

INFOSEC

Small Businesses Need Remote Browsers More Than The Enterprise

Small businesses need the protection of remote browser isolation more than large businesses, because their cost of failure is catastrophically higher.

TECHNICAL

PowerShell Logging and Security

This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse.

TECHNICAL

Homegrown Cyber Threat Intelligence With STIX2 and Couchbase

Threat intelligence is an important part of incident response and vulnerability management, in this article we show you how to create and archive threat intelligence, without paying vendors, using STIX and Couchbase.

INFOSEC

Furious Fapping & Your Privacy

The UK's PORN BLOCK is bringing back the embarrassing old days of buying dirty magazines at the newsagents for the new digital generation.

INFOSEC

Someone May be Listening To You Through Your Smart Speaker

The best way to protect your privacy with smart speakers is not to have one, because when you speak to it a stranger might be listening in.

INFOSEC

How To Choose A Virtual Private Network (VPN) Provider

This article will help you cut through the VPN vendor marketing confusion and help you choose a provider who is serious about your privacy.

INFOSEC

The Mental Health Hackers

We rarely talk about mental health issues in the infosec space, but it is both healthy and positive for everyone if we can talk about them openly, without judgement.

INFOSEC

Tips For Awesome Infosec Conferences

Security researcher Abartan Dhakal just returned from his first infosec CON's, here are his top tips for getting the best out of your conference trips.

INFOSEC

SAST Isn't Code Review

Static Application Security Test (SAST) is useful for checking your source code to find potential security vulnerabilities, but it isn't Code Review.

The Eternal Password Riddle

Despite constant technological innovation going on all around us, password management still feels like a riddle, a good excuse to deep dive into information entropy.

TECHNICAL

Curling With Hack The Box

A fantastic technical write up of the Curling box challenge from Hack The Box and security researcher aPirateMoo.

INFOSEC

Never Post A Picture Of Your Boarding Pass On Social Media

Posting your boarding pass on social media may seem like a cool thing to do, but here are a ton of reasons why you shouldn't.

CYBERSEC

Credential Stuffing Attacks Are Rising In Popularity, But They're Easy to Stop

Why have rudimentary attacks such as credential stuffing become so common? Because hackers prefer to spend their time using more efficient and less costly attack methods.

INFOSEC

Disclosure of Origin IP of The Exploits Trading Platform 0day.today

Ever wondered where the origin server for the popular zero day exploit platform 0day-today is?

TECHNICAL

Powershell CLM Bypass Using Runspaces

Learn about Powershell's CLM and one of the ways you can bypass the Constrained Language Mode (CLM) using Runspaces.

INFOSEC

How To Train Your Social Team To Deal With Security Researchers

A guide for leaders who want to train their social media teams to deal with researchers reporting cyber security issues.