A quick Saturday digest of cybersecurity news articles from other sources.In late 2022, Mandiant responded to a disruptive cyber physical incident in which the Russia-linked threat actor Sandworm targeted a Ukrainian critical infrastructure organization. This incident was a ...
Continue Reading →By James Wilson
Software development is a very careful and intricate process that requires planning, execution, and security measures. But the thing is that today’s digital landscape is riddled with cyber threats and challenges in every corner.
Enter artificial intelligence. By leveraging the power of AI, software development teams can proactively identify and address potential security risks, ensuring the creation of secure and robust software solutions.
In this article, we will explore the capabilities of AI and ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.I finally figured it out. For those who are having a hard time trying to figure out the network, first/last host, broadcast, next subnet, and number of addresses in a subnet, ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.45 years ago Cheri became my bride. Its been a long run, thanks for the many happy years
It’s tax season and scammers are looking to make a quick ...
Continue Reading →By Bob Weiss
Many of the cybersecurity certifications that I teach have content that involves the uses of encoding, code injection, directory transversal, and scripting. These concepts can be difficult to grasp, and the exam questions can be challenging to answer correctly. This series of articles is designed to help you understand the basic concepts, and how these get used both securely and maliciously. I am planning to show examples to help you identify these types of use cases or ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Original release date: February 8, 2023
Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes ...
Continue Reading →This post is for my cybersecurity students, and anyone else taking a cybersecurity class or studying for a certification exam.
From Jason Dion: “The most common type of code injection is SQL injection. An SQL injection attempts to modify one or more of an SQL query’s four basic functions: select, insert, delete, or update. Two common methods of performing an SQL injection are either using a single apostrophe (‘) or submitting an always true statement like 1=1. As a penetration tester, you ...
Continue Reading →Managing a project is not for the faint hearted, as there is potentially so much that could go wrong and many things you will need to monitor – some of which will be entirely out of your control. In situations like this, nobody would blame you for throwing in the towel and not bothering – but all is not lost.
By using certain tools and services, you can sidestep some of the pitfalls that could easily cause you to fail – ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.Developers who contribute code to the popular repository will have to implement two-factor authentication by the end of 2023.
Identity theft ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Original release date: April 7, 2022
CISA’s Sharing Cyber Event Information Fact Sheet provides our stakeholders with clear guidance and information about what to share, who should share, and how to share information about unusual cyber incidents or activity.
CISA uses this information from partners to build a common understanding ...
Continue Reading →