Implementing a zero-trust model: The key to securing microservices
Introduction Organizations are increasingly integrating microservices into their software development processes. As noted by DZone, microservices break down software into multiple component services, thereby enabling organizations to deploy parts of an application ...
Typo 1: VulnHub CTF walkthrough (part 1)
In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by an author named Akanksha Sachin Verma. As per the description given by ...
Open-source application security flaws: What you should know and how to spot them
Introduction Open-source software helped to revolutionize the way that applications are built by professionals and enthusiasts alike. Being able to borrow a non-proprietary library to quickly prototype and build an application not ...
How to avoid getting locked out of your own account with multi-factor authentication
Multi-factor authentication (MFA) is one of the most popular authentication security solutions available to organizations today. It really comes as no surprise, as the multi-factor authentication benefits of enhanced security go beyond ...
Source 1: VulnHub CTF walkthrough
In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by an author named darkstar7471. Per the description given by the author, this ...
Troystealer malware: What it is, how it works and how to prevent it | Malware spotlight
We are living in an era where malware is part of our daily lives. Emergent campaigns are increasing, each more sophisticated and harder to detect than the last. Malware can reveal itself ...
How to create a subdomain enumeration toolkit
Introduction A domain name is an important part of the reconnaissance process during a security assessment or even for many bug bounty challenges. In this article, we’ll look at how a domain ...
Japan’s IoT scanning project looks for vulnerable IoT devices
The growing world of IoT — and security concerns The Internet of Things (IoT) is still a baby compared to other computing technologies, but the market has already exploded and continues to ...
How to find weak passwords in your organization’s Active Directory
Introduction Confidentiality is a fundamental information security principle. According to ISO 27001, it is defined as ensuring that information is not made available or disclosed to unauthorized individuals, entities or processes. There ...
Fake STOP/DJVU decryptor malware: What it is, how it works and how to prevent it
Introduction Imagine a situation where criminals steal access to your property. They offer you a seemingly valid solution in the way of a tool that will give you your access back. But ...