CYBERSEC Predicting 2018's Bah Humbug Christmas infosec predictions, the hopelessly generic forecasts, the bland Christmas-themed attacks and outdated predictions recycled from three Christmases ago.
TECHNICAL My Journey To The Google Hall Of Fame This is the story of how Abartan Dhakal managed to get into the Google Hall of Fame, along a path strewn with failure and invalid vulnerabilities.
CYBERSEC Social Engineering 0x01 ~ An Introduction to Hacking People The most vulnerable thing about your workplace is the people in it. We, as humans, do not have things like security hot-fixes or patches, yet we have some of the biggest flaws ever seen.
INFOSEC How Not to CISO - Tools Before Capabilities Tools are stepping stones in maturity and capability within an organization. In this article we take a look at how not to approach investing in infosec tools.
CYBERSEC How To Handle A Data Breach Crisis ‘Crisis’ is not a word that sensible people like and is best avoided altogether. Let's imagine that a cybersecurity crisis ambushes you when you least expect it.
CYBERSEC Secure Password Handling in Depth Infosec never gets bored of talking about passwords. In this article we deep dive into the consensus around web application password handling.
TECHNICAL Using Serverless Frameworks - Part 1 Serverless has become a movement in application development because it allows developers to focus on code and leave infrastructure to the providers.
CYBERSEC Getting Started With Objection + Frida How to get started assessing iOS apps on a jailed device using Objection, which enables us to assess an iOS app in an environment using Frida.
CYBERSEC Quantum Computing 101 - Part One Quantum Physics studies the behavior of matter & energy at the molecular, atomic & nuclear levels and it will have a huge impact on secure computing.
TECHNICAL False Flags In Threat Attribution The entire concept of threat attribution is tremendously flawed, argues security researcher Matt Telfer. In this article we take a closer look at false flags.
INFOSEC The Browser Is A Bitch We love browsers, they are our window to the world, we love browsers so much that we have fought wars over them, but sadly the browser is not your friend.
INFOSEC Let's Talk About Ciphers Ciphers have been used since ancient times for sending encrypted messages which could not be read if they were intercepted by a third party.
TECHNICAL Flaring The Blue Team - When You Confuse Them You Lose Them In this article, we take a closer look at a flaring script for report-uri, one that we will use to confuse and distract the blue team by sending them random false positives. #flaring
CYBERSEC Beyond Buzzword Bingo: A Measured Discussion of AI and Cybersecurity Within the infosec community, AI is either dismissed like vegan turkey or praised as the industry's magical elixir. In this article Jamie Collier delves into how the conversation can be improved.
CYBERSEC How To Build A Hash Cracking Rig In this article security researcher Sebastian Bicchi teaches us how to build a low-cost, but high quality cracking rig by repurposing a hardware crypto mining rig.
CYBERSEC Playing In The Dark Corners Of Windows With Alternative Data Streams In this article we look at the exploitation of ADS in the NTFS file system to conceal data secretly using the Stealth Alternative Data Stream, which cannot easily be detected.
CYBERSEC Small Businesses Face More Cyber Risk Now Than They Ever Have It’s a jungle out there, one with cybercriminals hiding behind every bush, and the small business has become a top target for cybercriminals.
CYBERSEC What Does A Cryptocurrency B2B Scam Look Like? With the arrival of new technologies, cryptocurrency scams are catching a second wind. Take a closer look at the scams targeting businesses.
TECHNICAL Malware Analysis Using Memory Forensics Malware analysis can be very simple or very complex. The goal of this article is to introduce a process of using free tools that entry-level analysts can use to collect data.
TECHNICAL An Introduction To Binary Exploitation Interested in binary exploitation? Then welcome to a very detailed beginner's guide and introduction to help you start your journey in binary exploitation!
INFOSEC From Passwords To Web Authentication Passwords safe aren't here to stay. Yet they are still needed. Read where we are with web authentication and where we are going.
CYBERSEC Passive Reconnaissance Using OSINT This article explores the basics and core aspects of OSINT from a reconnaissance perspective, in which we map out the entire public facing infrastructure of a target.
CTF Apache Struts2 CVE-2018-11776 POC Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit it and how to create a Proof of Concept (POC) with Docker.
CYBERSEC Cryptocurrency Double Spending An introduction to cryptocurrency and a closer look at double spending, one of the many attacks affecting the security of some cryptocurrencies.
CYBERSEC Passwords & Human Psychology The problem with humans is that we want to protect our data but are not willing to make any effort to protect it; a good example is the passwords we choose.