Cybersecurity Tips and Tricks
While cybersecurity is a technical discipline — and we all love technical how-tos and in-depth tool reviews that empower our security toolkits — there are also strategic concepts and security basics we uphold as pillars of the industry.
Whether you’re a security veteran, just starting out in infosec, or simply want to know more about the security concepts and practices that shape the decision-making process in any modern organization, we’re here to help.
In our “Cybersecurity Tips” section you’ll find information about true cybersecurity basics including security automation, threat intelligence, social engineering, ransomware, and indicators of compromise, as well as updates on new attack methods and cybersecurity trends such as quantum computing, DevSecOps, security through obscurity, and more.
Each blog post will lead you through these concepts and their history, and we’ll get down to the nitty gritty on our subjects along with best practices and helpful tips on ensuring protection.
Most Popular Subdomains and MX Records on the Internet
Simply put, today’s internet runs on DNS.
DNS Records and Record Types: Some Commonly Used, and Some You Might Not Know About
Without DNS and domain names, our experience of browsing the web would be quite different. As users, we would have to actually memorize the IP addresses of websites we want to visit, which doesn’t seem like a pleasant user experience at all.
Best Cybercrime Investigation and Digital Forensics Courses and Certifications
Cyber criminals target networks in the private and public sector every day, and their threat is growing. Cyber attacks are becoming more common, more menacing, and in the public sector, can compromise public services and put sensitive data at risk. It happens all the time in the private sector too: companies are attacked for trade secrets, customer information and other confidential details. Individuals aren’t spared either and are falling victim to identity theft, fraud and various other types of cybercrime.
How I Lost the SecurityTrails #ReconMaster Contest, and How You Can Win: Edge-Case Recon Ideas
A while back, SecurityTrails announced that they would be running a contest dubbed “Recon Master”—the aim of which is to find hostnames that resolve to an IPv4 address that haven’t already been found by SecurityTrails. As it had been a while since I flexed my recon muscles, that sounded very interesting to me. These days, the majority of my asset discovery phase is spent literally just using SecurityTrails, so this would force me to think outside of the box and stop being so lazy.
IP Discovery: How to Create a Full IP Map of Your Organization
IP intelligence involves information gathering on the IP addresses used to provide access to web applications and web services within an organization.
Top 40 Shodan Dorks for Finding Sensitive IoT Data
With its ever-growing database and ease of use, Shodan has become one of the most popular tools used by security researchers for gathering IoT intelligence.
Internet Scanning: Definition, Benefits, Brief History and Tools
Since its inception, the concept known as the “Internet” has been shaped and reshaped under a constant barrage of new ideas and architectural improvements. As a result, the distributed network has also endured, with various success rates, a growing influx of forbidding conditions ranging from a dizzying array of malicious artifacts to skillful attacks on its very fabric and functionality. For all its breadth and depth, this established reality should come as no surprise; after all, the internet wades deeper and deeper into the tapestry of human culture, amassing remarkable achievements even amidst the most sophisticated threats.
Dangers of Using Self-Signed Certificates
SSL certificates are an integral part of today’s internet, allowing applications and services such as banking and other financial resources that require maximum security to be accessible from the comfort of one’s home.
10 Backend Security Risks and Tips on How to Prevent Them
With modern web applications’ backends consisting of multiple servers, containers running different applications (often built from templates), and numerous software services being run, including web servers, databases, web proxies, and the like, you can see how vital it is to ensure every single part of the backend. Otherwise, your entire web application’s safety and security is at risk.
Front-End Security: 10 Popular Types of Attacks and Best Practices to Prevent Them
Your web application’s front end is the first part seen everywhere. It’s the first thing that regular users and potential customers looks at but it’s also the first thing that an attacker sees—it’s the main door to your attack surface.