
- Feds Warn About Snatch Ransomware by Zachary Pelka: US Agency Advisory Sheds Light on the Group’s Activities. According to a new alert issued by U.S. authorities, the Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology. The group first appeared in 2018 and operates on a ransomware-as-a-service model, conducting …
- What is SSO? | How single sign-on works by Zachary Pelka: Single sign-on (SSO) is a vital cloud security technology that reduces all user application logins to one login for greater security and convenience. What is single sign-on (SSO)? Single sign-on (SSO) is a technology that combines several different application login screens into one. With SSO, users only have to enter their login credentials (username, password, …
- What is multi-factor authentication (MFA)? by Zachary Pelka: Multi-factor authentication checks multiple aspects of a person’s identity before allowing them access to an application or database instead of just checking one. It is much more secure than single-factor authentication. What is MFA (multi-factor authentication)? Multi-factor authentication, or MFA, is a way to verify user identity that is more secure than the classic username-password combination. MFA …
- What is a threat intelligence feed? by Zachary Pelka: A threat intelligence feed is a data stream about potential attacks (known as “threat intelligence”) from an external source. Organizations can use threat intelligence feeds to keep their security defenses updated and ready to face the latest attacks. A news feed on a journalism website or a social media platform shows continual updates: new content, …
- What is STIX/TAXII? by Zachary Pelka: STIX/TAXII is a joint global initiative to drive threat intelligence sharing and collaboration among organizations. STIX/TAXII is a global initiative designed to mitigate and prevent cyber threats. Launched in December 2016 by the United States Department of Homeland Security (DHS), the organization is now managed under OASIS, a nonprofit organization that advances the development, …
- What is threat intelligence? by Zachary Pelka: Threat intelligence is information about potential attacks. It helps organizations take action to defend themselves against these attacks. Threat intelligence is information about the potential attacks an organization may face and how to detect and stop those attacks. Law enforcement sometimes distributes “Wanted” posters with information about suspects; similarly, cyber threat intelligence contains information about …
- What are indicators of compromise (IoC)? by Zachary Pelka: Indicators of compromise (IoC) are evidence left behind by an attacker or malicious software that can be used to identify a security incident. Indicators of compromise (IoCs) are information about a specific security breach that can help security teams determine if an attack has occurred. This data can include details about the attack, such as …
- What is Ryuk ransomware? by Zachary Pelka: Ryuk is a type of ransomware that attackers have used to extort money from businesses since 2018. The parties who operate Ryuk pursue bigger targets and charge heftier ransoms than most ransomware attackers. Ryuk attacks are unusual in that they involve considerable surveillance and manual effort to infect their targets. (For typical ransomware groups, putting so …
- Heuristics Definition by Zachary Pelka: Heuristics came to public attention when Daniel Kahneman published his best-selling book “Thinking, Fast and Slow”. In it, Kahneman summarized the findings from his decades-long collaboration with his research partner Amos Tversky and got people interested in heuristics and their applications to decision-making, relationships, business, and more. What is a Heuristic? Definition: A heuristic is …
- Personally Identifiable Information (PII) by Zachary Pelka: Personally Identifiable Information (PII) is the term used for data that can be traced back to one specific user. Examples of PII are names, social security numbers, biometrics, and other information that, in combination with other data, could be enough to identify a user. “Personally Identifiable Information” also has a legal definition, depending on the …
- What is a zero-day exploit? by Zachary Pelka: A zero-day exploit is an attack that takes advantage of a mostly unknown security vulnerability. What is a zero-day exploit? A zero-day exploit (also called a zero-day threat) is an attack that takes advantage of a security vulnerability that does not have a fix in place. It is called a “zero-day” threat because the developer …
- What is a next-generation firewall (NGFW)? by Zachary Pelka: A next-generation firewall (NGFW) is a security appliance that processes network traffic and applies rules to block potentially dangerous traffic. NGFWs evolve and expand upon the capabilities of traditional firewalls. They do all that firewalls do, but more powerfully and with additional features. Consider two airport security agencies. One checks to ensure passengers are not on …
- What is load balancing? | How load balancers work by Zachary Pelka: Load balancing distributes traffic among multiple servers to improve a service or application’s performance and reliability. Load balancing is the practice of distributing computational workloads between two or more computers. Load balancing is often employed on the Internet to divide network traffic among several servers. This reduces the strain on each server and makes the …
- What is a firewall? How network firewalls work by Zachary Pelka: A firewall sits between a network and the Internet, controlling data flow in and out of the network to stop potential security threats. What is a firewall? A firewall is a security system that monitors and controls network traffic based on security rules. Firewalls usually sit between a trusted network and an untrusted network; frequently, …
- Why use TLS 1.3? by Zachary Pelka: TLS 1.3 improves over previous versions of the TLS (SSL) protocol in several essential ways. What is the difference between TLS 1.3 and TLS 1.2? TLS 1.3 is the latest version of the TLS protocol. TLS, which is used by HTTPS and other network protocols for encryption, is the modern version of SSL. TLS 1.3 dropped support for older, less …
- What is a computer port? | Ports in networking by Zachary Pelka: Ports are virtual places within an operating system where network connections start and end. They help computers sort the network traffic they receive. A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer’s operating system. Each port is associated with a specific process or service. …
- What is SSL? | SSL definition by Zachary Pelka: Secure Sockets Layer (SSL) is a security protocol that provides privacy, authentication, and integrity to Internet communications. SSL eventually evolved into Transport Layer Security (TLS). SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 to ensure privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to …
- How does keyless SSL work? by Zachary Pelka: Keyless SSL allows organizations that cannot share their private keys to move to the cloud while maintaining SSL/TLS encryption. What is keyless SSL? Keyless SSL is a service for companies that use a cloud vendor for SSL encryption. Usually, this would mean that the cloud vendor has to know the company’s private key, but keyless SSL is …
- What is TLS (Transport Layer Security)? by Zachary Pelka: TLS is a security protocol that provides privacy and data integrity for Internet communications. Implementing TLS is standard practice for building secure web apps. What is Transport Layer Security (TLS)? Transport Layer Security, or TLS, is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case …
- What is DNS security? by Zachary Pelka: DNS was not designed with security in mind, and many types of attacks were created to exploit vulnerabilities in the DNS system. What is DNS security? DNS security protects DNS infrastructure from cyber attacks to keep it performing quickly and reliably. An effective DNS security strategy incorporates several overlapping defenses, including establishing redundant DNS servers, applying security …
- What is HTTPS? by Zachary Pelka: Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, the primary protocol used to send data between a web browser and a website. HTTPS is encrypted to increase the security of data transfer. This is particularly important when users transmit sensitive data by logging into a bank account, email service, or health insurance provider. …
- What happens in a TLS handshake? | SSL handshake by Zachary Pelka: In a TLS/SSL handshake, clients and servers exchange SSL certificates, cipher suite requirements, and randomly generated data for creating session keys. TLS is an encryption and authentication protocol designed to secure Internet communications. A TLS handshake is the process that kicks off a communication session that uses TLS. During a TLS handshake, the two communicating sides …
- What is a domain name registrar? by Zachary Pelka: A domain name registrar is a business that handles the reservation of domain names and the assignment of IP addresses for those domain names. Domain names are alphanumeric aliases used to access websites. For example, The IP address would be something like 192.0.2.1 (just an example). Domain names make it easier to access websites without memorizing and entering …
- Ethical Hacking Tools For Recon by Zachary Pelka: This is an excellent breakdown of the tools used in an ethical hacker’s toolkit.
- Rhysida ransomware behind recent attacks on healthcare by Zachary Pelka: The Rhysida ransomware operation is making a name for itself after a wave of attacks on healthcare organizations has forced government agencies and cybersecurity companies to pay closer attention to its operations. Following a security bulletin by the U.S. Department of Health and Human Services (HHS), CheckPoint, Cisco Talos, and Trend Micro have all released …
- What is an on-path attacker? by Zachary Pelka: An on-path attacker places themselves between victims and the services they are trying to reach, often to steal data. On-path attackers place themselves between two devices (often a web browser and a web server) and intercept or modify communications. The attackers can then collect information and impersonate either of the two agents. In addition to websites, …
- What is a VPN? by Zachary Pelka: A virtual private network (VPN) lets a user remotely access a private network for privacy and security. A virtual private network (VPN) is an Internet security service that allows users to access the Internet as though they were connected to a private network. This encrypts Internet communications as well as providing a substantial degree of …
- TryHackMe.com – Pentest plus learning pathway – Completed by Zachary Pelka: Studying this one in “The Background” is not going to work. I did make it this far, however! Progress, not perfection! One Day/Test At A Time.
- Message in a bottle – 21st Century Style by Zachary Pelka: Talk about advances in technology and sending messages. You can now pay to have your DNA sent to the moon for archive reasons… WEIRD. Cyber Security Note – Never pick up a random USB drive and plug it into your machine. It could be a trap. Just look at STUXNET and Mr. Robot for examples.
- Kevin Mitnick, Once the ‘Most Wanted Computer Outlaw,’ Dies at 59 by Zachary Pelka: Best known for an audacious hacking spree in the 1990s involving the theft of data and credit card numbers, he later became a security consultant and public speaker. Kevin Mitnick, who at the dawn of widespread internet usage in the mid-1990s became the nation’s archetypal computer hacker — obsessive but clever, shy but mischievous and …
- NetCat (NCat) in a Server Rack by Zachary Pelka: Aww, isn’t that cute! We have a “NetCat” stowed away in a mini server rack. Maybe it was cold, or maybe it was looking for the USB mouse. Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project as a much-improved …
- I Told You I Was Coming For You! THM-26JUN23 by Zachary Pelka: I told you I was coming for you! This was not a threat. This was a promise! Dedication pays off! I was determined to obtain this 30 day hacking streak badge, and it is now mine! Try Hack Me dedication! But, it doesn’t stop here, there is a 45 day badge I am now putting …
- How to encrypt a file with symmetric encryption – GnuPG by Zachary Pelka: In this guide, you’ll learn how to encrypt a file using symmetric encryption. 1. Install GnuPG: First, you need to install GnuPG on your operating system. GnuPG, or GPG as it’s often called, is a free software program based on the PGP encryption standard that allows users to encrypt, sign data, and even manage keys. 2. Encrypt …
- Apple Releases Rapid Security Response Updates for iOS 16.4.1 and macOS 13.3.1 by Zachary Pelka: iOS 16.4.1 (a): Apple Suddenly Releases 1st-Ever iPhone Rapid Security Response Update. Never can be too safe to update! This is new. For the very first time, Apple has released a Rapid Security Response (RSR) update to iPhone users, with a corresponding RSR for the Mac. It represents a change in how Apple will launch …
- What is browser isolation? by Zachary Pelka: Browser isolation protects users from untrusted, potentially malicious websites and apps by confining browsing activity to a secured environment separated from user devices and organizational networks. What is browser isolation? Browser isolation is a technology that keeps browsing activity secure by separating the process of loading webpages from the user devices displaying the webpages. This …
- Zero Trust security | What is a Zero Trust network? by Zachary Pelka: Zero Trust is a security model based on maintaining strict access controls and not trusting anyone by default, even those already inside the network perimeter. What is Zero Trust security? Zero Trust security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private …
- What is a social engineering attack? by Zachary Pelka: In social engineering attacks, victims are manipulated into handing over sensitive information that can be used for malicious purposes. What is social engineering? Social engineering is the practice of manipulating people into giving up sensitive information. Social engineering attacks can happen in person, such as a burglar dressed as a delivery man getting buzzed into …
- What is a data breach? by Zachary Pelka: A data breach involves the release of sensitive information. Many types of online attacks have a primary goal of causing a data breach to release information such as login credentials and personal financial data. A data breach is the release of confidential, private, or otherwise sensitive information into an unsecured environment. A data breach can occur accidentally …
- What is Data Loss Prevention (DLP)? by Zachary Pelka: Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. DLP software classifies regulated, confidential, and business-critical data. It identifies violations of policies defined by organizations or within a predefined policy pack, typically driven by regulatory compliance such as HIPAA, PCI-DSS, …
- What is URL filtering? by Zachary Pelka: URL filtering enables companies to block individual web pages and files to restrict what content their employees can access over company networks. URL filtering restricts what web content users can access. It does this by blocking specific URLs from loading. Corporations implement URL filtering to prevent the use of company resources, devices, network bandwidth, etc., …
- What is DNS Filtering? by Zachary Pelka: DNS filtering defined: DNS filtering (or DNS block) describes a cybersecurity measure used to stop internet users from accessing unapproved websites on a server. Organizations use DNS blocking to secure their environment against phishing attacks and other cyber threats. Through DNS filtering services, businesses assign control over what users can access, limit access to websites potentially posing malware …
- An Example of Data in Transit in Real Life by Zachary Pelka: This truck was properly defragged locally and was compressed for data in transit. Data in motion is done effectively and efficiently for transit. For more information on “Data in Transit” or “Data in Motion,” please check out this article.
- When there are problems with the wired LAN by Zachary Pelka: Occasionally you have to switch to WiFi because there is some failure on the “wired” network. Network stress test, anyone? Sometimes, the wire wants a break or tries to tell you something. Maybe an intrusion prevention system? A WAF? Maybe you need to switch to a VPN for whom you are trying to access… where …
- Newly discovered spying campaign, Russian hackers targeted European military and transport organizations by Zachary Pelka: Russian military-linked hackers targeted — and in some cases successfully infiltrated — the networks of European military, energy, and transportation organizations in an apparent spying campaign that went undetected for months as the war in Ukraine raged, Microsoft told its customers in a report obtained by CNN. The report demonstrates how, despite the heightened defensive posture of …
- Best Open Source Penetration Testing Tools by Zachary Pelka: Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics, and Reverse Engineering. This niche prefers that distro; these tools could be manually installed on other Linux Distros, maybe even Windows ports. However, Kali and Parrot Linux are the more popular Linux Distros …
- Anonymous vs. Russia: What can hackers do against Nuclear power? by Zachary Pelka: Anonymous has declared cyberwar on Russia in the Ukraine conflict. Meanwhile, there have been several hacker attacks on Russia, and Russia has threatened to use nuclear forces. Who can counter this? Can Anonymous do anything against nuclear power? ▸ subscribe to their channel: https://goo.gl/UupwgM #Anonymous #UkraineWar #UkraineRussiaConflict “This operation is not against the people of Russia. …
- Types Of Access Control Systems by Zachary Pelka: When we refer to access control systems, we’re talking about providing access to restricted areas of the enterprise. But familiarity and correctly utilizing access control systems to protect proprietary information are two completely different levels of understanding. For example, who gets access to what? What are the rules? How is access tracked? The user must first be …
- What is a secure web gateway (SWG)? by Zachary Pelka: A secure web gateway (SWG) blocks or filters out harmful content and prevents data leakage. All employee Internet traffic passes through the SWG. What is a secure web gateway (SWG)? A secure web gateway (SWG) is a cyber security product that protects company data and enforces security policies. SWGs operate between company employees and the …
- What is Cross-Site Request Forgery (CSRF)? by Zachary Pelka: A cross-site request forgery attack is a confused deputy cyber attack that tricks a user into accidentally using their credentials to invoke a state-changing activity, such as transferring funds from their account, changing their email address and password, or some other undesired action. While the potential impact against a regular user is substantial, a successful …
- What is a WAF? | Web Application Firewall explained by Zachary Pelka: A WAF creates a shield between a web app and the Internet; this shield can help mitigate many common attacks. A WAF or web application firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It covers web applications from …
- Search Engines for Pen-Testers by Zachary Pelka: For education purposes only. Browse with care.
- Honey Pot by Zachary Pelka: A honeypot is a decoy computer system for trapping hackers or tracking unconventional or new hacking methods. Honeypots are designed to purposely engage and deceive hackers and identify malicious activities performed over the internet. Multiple honeypots can be set on a network to form a honeynet.
- What is credential stuffing? | Credential stuffing vs. brute force attacks by Zachary Pelka: In a credential stuffing attack, collections of stolen login credentials from one service are used to attempt to break into accounts on various other services. What is Credential Stuffing? Credential stuffing is a cyber attack in which credentials obtained from a data breach on one service are used to attempt to log in to another unrelated service. …
- What is a brute force attack? by Zachary Pelka: What is a brute force attack? A brute force attack is a trial-and-error method used to decode sensitive data. The most common applications for brute force attacks are cracking passwords and cracking encryption keys (keep reading to learn more about encryption keys). Other common targets for brute force attacks are API keys and SSH logins. Brute force …
- DNS amplification attack by Zachary Pelka: DNS amplification is a DDoS attack that leverages DNS resolvers to overwhelm a victim with traffic. What is a DNS amplification attack? This DDoS attack is a reflection-based volumetric distributed denial-of-service (DDoS) attack in which an attacker leverages the functionality of open DNS resolvers to overwhelm a target server or network with an amplified amount of traffic, rendering the …
- SYN flood attack by Zachary Pelka: An SYN flood exploits a TCP/IP handshake vulnerability in an attempt to disrupt a web service. What is an SYN flood attack? An SYN flood (half-open attack) is a denial-of-service (DDoS) attack aiming to make a server unavailable to legitimate traffic by consuming all available server resources. By repeatedly sending initial connection request (SYN) packets, …
- What is a DDoS attack? by Zachary Pelka: A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the regular traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers …
- What is a Botnet? by Zachary Pelka: A bot is a piece of malware that infects a computer to carry out commands under the remote control of the attacker. A botnet (short for “robot network”) is a network of computers infected by malware that is under the control of a single attacking party, known as the “bot-herder.” Each machine under the control of the bot-herder is …
- What is a Man-in-the-Middle Attack? by Zachary Pelka: Man-in-the-Middle Attacks Defined: A Man-in-the-Middle Attack (MITM) is a form of cyber eavesdropping in which malicious actors insert themselves into a conversation between two parties and intercept data through a compromised but trusted system. The targets are often intellectual property or fiduciary information. MITM aggressors will also use malware to open the communications channel to …
- What is an Advanced Persistent Threat (APT)? by Zachary Pelka: Advanced Persistent Threat Defined and Explained: An advanced persistent threat (APT) is a sophisticated, systematic cyber-attack program that continues for an extended period, often orchestrated by a group of skilled hackers. The hacker group, or the APT, designs the attack with a particular motive ranging from sabotage to corporate espionage. From stealing intellectual property to …
- Ransomware protection: How to keep your data safe in 2023 by Zachary Pelka: What exactly is ransomware? If ransomware or an encryption Trojan gets onto your computer, it encrypts your data or locks your operating system. As ransomware gets hold of a “digital hostage,” such as a file, it demands a ransom for its release. To reduce the likelihood of finding yourself in front of a locked laptop or encrypted file, it’s essential to be prepared. The chances of infection can be …
- The advent of Cyber 4 – Try Hack Me -THM{yours_starts_now} by Zachary Pelka: https://tryhackme.com/Madscientist/badges/adventofcyber4
- Comcast Xfinity accounts were hacked in widespread 2FA bypass attacks by Zachary Pelka: Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. Starting on December 19th, many Xfinity email users began receiving notifications that their account information had been changed. However, when …
- Computer Fraud and Abuse Act (CFAA) by Zachary Pelka: The Computer Fraud and Abuse Act of 1986 (CFAA) is a United States cybersecurity bill enacted in 1986 to amend existing computer fraud law (18 U.S.C. § 1030), which had been included in the Comprehensive Crime Control Act of 1984. The law prohibits accessing a computer without authorization or in excess of authorization. Before computer-specific criminal laws, …
- Cyber Security Types by Zachary Pelka: Cyber Security is not just one thing; you can focus on one area and be an expert or be a jack of all trades.
- Protecting America’s electric grid from attack | 60 Minutes Archive by Zachary Pelka: Physical, Natural, Criminal, War, and Cyber Vulnerabilities on America’s Electric Grid. 60 Minutes – Security concerns for the nation’s electrical grid are being raised after a substation attack in North Carolina. This past February, Bill Whitaker reported on the vulnerabilities in the system that provides our electricity. “60 Minutes” is the most successful television broadcast …
- Red Team Toolkit by Zachary Pelka: Red Team Toolkit. Examples of commonly used tools.
- CISA orders agencies to patch exploited Google Chrome bugs by Dec 26th by Zachary Pelka: The Cybersecurity and Infrastructure Security Agency (CISA) has added one more security vulnerability to its list of bugs known to be exploited in attacks. The flaw (tracked as CVE-2022-4262) was patched as an actively exploited zero-day bug in the Google Chrome web browser on Friday for Windows, Mac, and Linux users. In a security advisory published …
- What is Financial Technology (FinTech)? A Beginner’s Guide for 2022 by Zachary Pelka: FinTech (financial technology) is a catch-all term referring to software, mobile applications, and other technologies created to improve and automate traditional forms of finance for businesses and consumers alike. FinTech can include everything from straightforward mobile payment apps to complex blockchain networks housing encrypted transactions. This guide will …
- Private Key: What It Is, How It Works, Best Ways To Store by Zachary Pelka: What Is a Private Key? A private key, sometimes called a “Wallet Pass Phrase,” is a secret number or series of words used in cryptography, similar to a password. In cryptocurrency, private keys or Pass Phrases are also used to sign transactions and prove ownership of a blockchain address. A private key is an integral aspect of Bitcoin and Memecoin/Altcoins, and its …
- Difference between Tcpdump vs. Wireshark by Zachary Pelka: Wireshark: Wireshark is a popular network sniffing tool that provides a GUI to decode many protocols and filters. Wireshark is a network traffic monitoring tool that runs on a network interface. It is now the most commonly used network management application. Device operators, network engineers, network security experts, and black hat hackers use Wireshark. Tcpdump: Tcpdump …
- Wireshark – Basic Explanation of “Eavesdropping” by Zachary Pelka: Functionality: Wireshark is very similar to tcpdump, but has a graphical front-end and integrated sorting and filtering options. Wireshark lets the user put network interface controllers into promiscuous mode (if supported by the network interface controller), so they can see all the traffic visible on that interface, including unicast traffic not sent to that network interface controller’s MAC address. However, when capturing with a packet analyzer in …
- Online Banking Security: How To Protect Your Online Banking Information by Zachary Pelka: Digital banking (online and mobile banking) makes managing finances easy. With digital banking technology, you can pay bills, deposit checks and transfer money from wherever you’re located. Due mainly to their convenience, online and mobile banking are the two most popular ways to bank. More than three-quarters of Americans (78%) prefer to bank digitally. But …
- Cryptography Definition by Zachary Pelka: Cryptography studies secure communications techniques that allow only the sender and intended recipient of a message to view its contents. The term is derived from the Greek word “kryptos”, which means hidden. It is closely associated with encryption, which is scrambling ordinary text into what’s known as ciphertext and then back again upon arrival. In addition, cryptography …
- US Airports’ sites taken down in DDoS attacks by Pro-Russian Hackers by Zachary Pelka: The pro-Russian hacktivist group ‘KillNet’ is claiming large-scale distributed denial-of-service (DDoS) attacks against the websites of several major airports in the U.S., making them inaccessible. The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport …
- Ukraine’s IT army: Who are the cyber guerrillas hacking Russia? by Zachary Pelka: In an unprecedented move, Ukraine’s digital transformation minister has called for cyber volunteers around the world to attack targets with links to Russia. Thousands have answered his call. Who are they? Before heading to his day job in “just another city” in Denmark, Jens spends around an hour of the morning defending Ukraine in cyberspace. First, …
- Ransomware attack delays patient care at hospitals across the U.S. by Zachary Pelka: CHI Memorial Hospital in Tennessee, some St. Luke’s hospitals in Texas, and Virginia Mason Franciscan Health in Seattle have announced they were affected. One of the largest hospital chains in the U.S. was hit with a suspected ransomware cyberattack this week, leading to delayed surgeries, hold-ups in patient care, and rescheduled doctor appointments across the …
- The Uber Data Breach Conviction Shows Security Execs What Not to Do by Zachary Pelka: Uber’s former Chief Security Officer (CSO), Joe Sullivan, was found guilty this week of actively hiding a data breach from the US Federal Trade Commission (FTC) and concealing a felony. The case has reverberated through the security and tech worlds because it is seemingly the first time an individual executive has faced criminal prosecution for charges …
- Hackers Can Use ‘App Mode’ in Chromium Browsers for Stealth Phishing Attacks by Zachary Pelka: In what’s a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create “realistic desktop phishing applications.” Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window while also displaying the … Read more
- Cristy Davis Powerball Donation Lottery Scam by Zachary Pelka: A “Cristy Davis” Powerball Donation Lottery Scam I Googled this text message / SMS I just received today. Wondering what this was all about, and smelled a scam, and sure enough, it was after some quick checks. This scam started to be reported back in March 2021, maybe earlier. The scam persisted and was … Read more
- Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware by Zachary Pelka: New findings show that a threat cluster linked to the Russian nation-state actor tracked as Sandworm has continued its targeting of Ukraine with commodity malware by masquerading as telecom providers. Recorded Future said it discovered new infrastructure belonging to UAC-0113 that mimics operators like Datagroup and EuroTransTelecom to deliver payloads such as Colibri loader and Warzone RAT. The … Read more
- Common Crypto Scams and How to Avoid Them by Zachary Pelka: Ever heard of rug pulls and pig butchering? Be more intelligent than the scammers and learn how common crypto scams work in detail. The US Federal Bureau of Investigation (FBI) estimates that, between January and March 2022, more than US$1.3 billion in cryptocurrencies were stolen by cybercriminals. It is a significant amount, given that by … Read more
- Just Open It by Zachary Pelka: “Just open it, you don’t need a password.” What is phishing? Phishing attacks are counterfeit communications that appear to come from a trustworthy source but can compromise all types of data sources. Attacks can facilitate access to your online accounts and personal data, obtain permissions to modify and compromise connected systems, such as point of sale terminals … Read more
- Data Mining – Identity Theft. by Zachary Pelka: Warning Signs of Identity Theft What Do Thieves Do With Your Information? Once identity thieves have your personal information, they can drain your bank account, run up charges on your credit cards, open new utility accounts, or get medical treatment on your health insurance. An identity thief can file a tax refund in your name … Read more
- World’s top password manager LastPass says it was hacked. by Zachary Pelka: The CEO of password-manager company LastPass said Thursday that it was recently hacked, but the company sees no evidence the incident exposed any customer data or passwords. “We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code … Read more
- Apple Releases Security Updates for Multiple Products by Zachary Pelka: Apple has released security updates to address vulnerabilities in macOS Monterey, iOS and iPadOS, and Safari. An attacker could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible: MacOS … Read more
- What is the Internet of Things? by Zachary Pelka: Does your house have a smart thermostat? Or do you wear a fitness tracker to help you stay physically active? If you do, you are part of the Internet of Things, or IoT. It’s become embedded in our lives, as well as in the way organizations operate. IoT uses a variety of technologies to connect … Read more
- Researchers Hacked SpaceX Operated Starlink Satellite Using a $25 Modchip. by Zachary Pelka: In a hacking attempt carried out by a security researcher, Lennert Wouters, at the Belgian university KU Leuven, the Starlink satellite-based internet system operated by SpaceX was successfully hacked. The most shocking thing is that it cost him only about 25 dollars to make a homemade circuit board to hack the system. A series of … Read more
- Multi-Factor Authentication: Who Has It and How to Set It Up by Zachary Pelka: Don’t let scammers get their hands on your sensitive information. Here’s how to secure your online accounts with multi-factor authentication (MFA), and two-factor authentication (2FA). The 2014 Heartbleed bug exposed millions of internet logins to scammers thanks to one itty-bitty piece of code. Our security nightmares have only gotten progressively worse in the years since. What’s the … Read more
- Security Domains by Zachary Pelka: Definition(s): A domain that implements a security policy and is administered by a single authority. Source(s): CNSSI 4009-2015 from CNSSP 24, CNSSI 1253F Attachment 3; NIST SP 800-137 under Security Domain from CNSSI 4009; NIST SP 800-172 from CNSSI 4009-2015 – Adapted; NIST SP 800-172A from CNSSI 4009-2015 – Adapted; NIST SP 800-53 Rev. 5 from CNSSI 4009-2015; NIST SP 800-171 Rev. 2 from CNSSI 4009 – Adapted. An environment or context includes a set of system resources and … Read more
- Network Monitoring by Zachary Pelka: Stop! Hey! What’s that sound? THERE’S SOMETHING HAPPENING HERE WHAT IT IS AIN’T EXACTLY CLEAR THERE’S A MAN WITH A GUN OVER THERE TELLING ME I GOT TO BEWARE I THINK IT’S TIME WE STOP, CHILDREN, WHAT’S THAT SOUND EVERYBODY LOOK WHAT’S GOING DOWN THERE’S BATTLE LINES BEING DRAWN NOBODY’S RIGHT IF EVERYBODY’S WRONG YOUNG … Read more
- Yanluowang Ransomware Operators hacked Cisco to Steal Internal Data by Zachary Pelka: Recent reports indicate that Cisco’s corporate network was infected with ransomware from the Yanluowang group in late May. Under the threat of leaking stolen files to the online world, the threat actor attempted to intimidate the victims into making a financial sacrifice: ransom. An employee’s Box folder linked to a compromised account was only accessible … Read more
- Top 19 Kali Linux tools for vulnerability assessments by Zachary Pelka: Kali Linux is a free operating system and helps conduct vulnerability assessments and penetration tests. Kali Linux has many tools that can help with vulnerability assessment and network discovery. There are 19 great tools in Kali Linux for conducting vulnerability assessments and finding security loopholes across various environments. What is a vulnerability assessment tool? A vulnerability … Read more
- Random phone callers – Waste of our time by Zachary Pelka: I don’t know about you, but my phone number gets scammed, fake calls, all illegitimate calls to say the least. I just got five today. I am a professional, so I need to pick up random phone numbers that call for business. But it is a waste of time. SERIOUSLY. This spam Robo killer “stuff” … Read more
- What is Remote Access Trojan (RAT)? by Zachary Pelka: Remote access trojans (RATs) are malware designed to allow an attacker to remotely control an infected computer. Once the RAT runs on a compromised system, the attacker can send commands to it and receive data back in response. How Does a Remote Access Trojan Work? RATs can infect computers … Read more
- 20JUL2022 – Apple Security Updates Released. by Zachary Pelka: Nearly every operating system update contains fixes for security vulnerabilities, and the latest releases are no exception. Find out what has been patched by iOS 15.6, macOS 12.5, and others. Apple doesn’t disclose or confirm security issues until an investigation has occurred and patches are made available. On Wednesday, Apple released a slew of updates for its devices … Read more
- What is Smishing and How to Defend Against it? by Zachary Pelka: Smishing meaning and definition: Smishing is a phishing cybersecurity attack carried out over mobile text messaging, also known as SMS phishing. As a variant of phishing, victims are deceived into giving sensitive information to a disguised attacker. SMS phishing can be assisted by malware or fraudulent websites. It occurs on many mobile text messaging platforms, … Read more
- Ongoing ‘Roaming Mantis’ Smishing Campaign Hits Over 70,000 Users in France by Zachary Pelka: A Chinese threat actor named Roaming Mantis has been targeting Android users in France with the MoqHao malware in a new smishing campaign, security researchers with Sekoia warn. The campaign uses phishing SMS messages containing an embedded malicious link to trick unsuspecting victims into downloading malware on their Android devices or accessing a phishing page … Read more
- Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server by Zachary Pelka: A new ransomware family dubbed ‘HavanaCrypt’ disguises itself as a Google software update app, using a Microsoft web hosting service IP address as its command and control server to circumvent detection. Detailed by security researchers at Trend Micro in a report, the ransomware is the latest in a series of malware that poses as a legitimate … Read more
- Lithuanian Energy Firm Disrupted by DDoS Attack by Zachary Pelka: Lithuanian energy company Ignitis Group was hit by what it described as its “biggest cyber-attack in a decade” on Saturday when numerous distributed denial of service (DDoS) attacks were aimed at it, disrupting its digital services and websites. Pro-Russian hacking group Killnet claimed responsibility for the attack on its Telegram channel on Saturday, making this … Read more









