Most popular programming languages
May 12 2019
Hacking the ‘Unhackable’ eyeDisk USB stick with Wireshark
The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way.
Source: Hacking the ‘Unhackable’ eyeDisk USB stick with Wireshark
May 09 2019
7 Types of Experiences Every Security Pro Should Have
As the saying goes, experience is the best teacher. It’ll also make you a better and more well-rounded security pro.
Source: 7 Types of Experiences Every Security Pro Should Have
May 09 2019
Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware
Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware
Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper
Follow the numbers in blue to understand each step.
Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper
Source: Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware
DISC InfoSec 🔒 securing the business 🔒 Learn more…
May 07 2019
ICS-CERT warns of several flaws in the GE Communicator software
ICS-CERT is warning of several vulnerabilities in the GE Communicator software, including hardcoded credentials and privilege escalation bugs.
Source: ICS-CERT warns of several flaws in the GE Communicator software
May 06 2019
Unsecured SkyMed Database Exposed PII Data Of 137K Individuals
Unsecured SkyMed Database Exposed PII Data Of 137K Individuals
Reportedly, the unsecured SkyMed database exposed huge records having medical and personal information of US citizens online.
Source: Unsecured SkyMed Database Exposed PII Data Of 137K Individuals
ISO/IEC 27018:2014, 1st Edition: Information technology – Security techniques – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
May 05 2019
Belgian programmer solves cryptographic puzzle
Belgian programmer solves cryptographic puzzle – 15 years too soon!
Belgian coder Bernard Fabrot just finished a 3.5-year computational marathon, solving a fascinating cryptopuzzle set at MIT back in 1999.
Source: Belgian programmer solves cryptographic puzzle – 15 years too soon!
May 03 2019
Creating A Cyber Secure Home
May 01 2019
Lagging behind: why government organisations need to upgrade their email security -TEISS® : Cracking Cyber Security
Organisations need to upgrade their email security
Maor Hizkiev, CTO and co-founder, BitDam, explains how and why government organisations are lagging behind in implementing standard email security measures and what needs to be done to improve the state of security in the public sector.
Email Security with Cisco IronPort
Email Security Awareness
Apr 30 2019
Facebook funds research on the impact of social media on elections
Impact of social media on elections
Facebook is going to fund academic research on the impact of social media on elections, aimed at preventing manipulation of these platforms.
Source: Facebook funds research on the impact of social media on elections
Apr 29 2019
Tech Support Scammers Freeze Browsers Using Iframes
Tech Support Scammers Freeze Browsers Using Iframes
Tech support scammers are using iframes to lock web browsers and to trick people into calling their support hotlines posing as legitimate services to have their computers fixed after being presented with a “computer has been blocked” alert.
Source: Tech Support Scammers Freeze Browsers Using Iframes
The Browser Hacker’s Handbook
Apr 25 2019
Computer security training courses
Computer security training courses – Online cyber security courses
Build your cyber security awareness and InfoSec career to keep your cyber security skills relevant. Learn how to protect your information assets against today’s cyber threats with best online cyber security training courses.
DISC InfoSec cyber security training curriculum includes specialized InfoSec training and general cyber security courses for all levels.
Security Penetration Testing (The Art of Hacking Series) LiveLessons
Linux Security and Hardening, The Practical Security Guide
CISSP LiveLessons
Red Hat Certified Engineer (RHCE) with Virtual Machines LiveLessons
Fundamentals of nerc cip
Cyber Security – Online Scams & How to Avoid Them
Disaster Recovery and Risk Management
 |
|
|
|---|---|---|
| Penetration Testing | AWS Security | |
- InfoSec books from Amazon
- InfoSec books from IT Governance
- InfoSec books from eBay
- InfoSec books from Wordery
Apr 24 2019
Social Engineering Red Flags
Social Engineering Red Flags
22 Social Engineering Red Flags
We recommend EVERYONE to review the 22 social engineering red flags to watch out for in any email. It might be a good idea to print out this PDF and pass it along to family, friends, and coworkers. Remember to always think before you click!
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/22RedFlags.pdf”]
Apr 23 2019
The best antivirus software of 2019
Apr 23 2019
Ten Must-Have CISO Skills
Source: Ten Must-Have CISO Skills – By Darren Death
CISO should have answers to these questions before meeting with the senior management.
- What are the top risks
- Do we have inventory of critical InfoSec assets
- What leading InfoSec standards and regulations apply to us
- Are we conducting InfoSec risk assessment
- Do we have risk treatment register
- Are we testing controls, including DR/BCP plans
- How do we measure compliance with security controls
- Do we have data breach response plan
- How often we conduct InfoSec awareness
- Do we need or have enough cyber insurance
- Is security budget appropriate to current threats
- Do we have visibility to critical network/systems
- Are vendor risks part of our risk register
Apr 21 2019
Stuxnet Malware Analysis
Stuxnet Malware Analysis By Amr Thabet
- Stuxnet videos library
- History of Stuxnet – Previous articles | DISC InfoSec blog
- What is Stuxnet, who created it and how does it work? | CSO Online
- GitHub – micrictor/stuxnet: Open-source decompile of Stuxnet/myRTUs
- Stuxnet Source Code Released Online – Download Now
- Stuxnet Family Tree Grows
Apr 20 2019
Every Linux Networking Tool
Apr 19 2019
Malware Analysis
Malware Analysis
Introduction to Malware Analysis | SANS Lenny Zeltser
Five Awesome Tools to perform Behavioural Analysis of Malware
Apr 18 2019
What CISO does for a living
What CISO does for a living by Louis Botha
It’s based on the CISO mindmap by Rafeeq Rehman, updated for 2018 and adding the less technical competencies
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/CISO-does-for-living.pdf” title=”CISO does for living”]
Download of What CISO does for a living (pdf)
CISO MindMap 2018 – What Do InfoSec Professionals Really Do?
CISO should have answers to these questions before meeting with the senior management.
- What are the top risks
- Do we have inventory of critical InfoSec assets
- What leading InfoSec standards and regulations apply to us
- Are we conducting InfoSec risk assessment
- Do we have risk treatment register
- Are we testing controls, including DR/BCP plans
- How do we measure compliance with security controls
- Do we have data breach response plan
- How often we conduct InfoSec awareness
- Do we need or have enough cyber insurance
- Is security budget appropriate to current threats
- Do we have visibility to critical network/systems
- Are vendor risks part of our risk register
« Previous Page — Next Page »
