How to Protect Yourself When Shopping Online

Image credit: Pexels Online shopping safety is a pressing issue for both consumers and business users, especially in the holiday season. As customers flock to online stores to cross off their Christmas wish-lists, cyber criminals look to take advantage of the high traffic and customers looking for the best deal. Always remember, the Internet is not a governed, safe environment. It’s the wild west. There … Continue reading How to Protect Yourself When Shopping Online

Advanced attacks on Microsoft Active Directory: detection and mitigation

Attacks on Microsoft Active Directory have been a recurrent topic of reports on Black Hat and Defcon during the last four years. Speakers tell about new vectors, share their inventions, and give recommendations on detection and avoidance of these vectors. I believe that the IT department is capable of creating a secure infrastructure, which can be monitored by the security department. High-quality monitoring, in its … Continue reading Advanced attacks on Microsoft Active Directory: detection and mitigation

How-To: Obtaining Full System Access Via USB

Debugging mechanisms like JTAG (IEEE1149.1)  first appeared in the 1980s . Over time, microchip vendors extended the functionality of these interfaces. This allowed developers to obtain detailed information on power consumption, find bottlenecks in high-performance algorithms, and perform many other useful tasks. Hardware debugging tools are also of interest to security researchers. These tools grant low-lev el system access and bypass important security protections, making … Continue reading How-To: Obtaining Full System Access Via USB

How hackers could negatively impact a country\’s entire economy

Despite enormous efforts, security is always a work in progress because of technical vulnerabilities and the human factor. In the modern digital economy, criminals are becoming ever more creative in ways to make off with millions without having to leave home. And the actions of cybercriminals could actually negatively impact acountry\’s economy. Here are some scenarios of possible attacks. Unchained malware  We’ve already seen this … Continue reading How hackers could negatively impact a country\’s entire economy

Web application attack trends: government, e-commerce, and finance in the spotlight

Positive Technologies has revealed how hackers attacked web applications throughout 2016. The aim of our research was two-fold: to determine which attacks are most commonly used by hackers in the wild, and to find out which industries are being targeted and how. With this data, organizations can be more aware of digital threats and protect themselves accordingly. Statistics Out of the data analyzed, Government was … Continue reading Web application attack trends: government, e-commerce, and finance in the spotlight

Protecting the Perimeter: Old Attacks Work Just as Well as New Ones

When we think about external threats to information security, often our first thoughts are of hacker attacks on the network perimeter—say, advanced persistent threats (APTs) targeting large companies and governments. One example is the compromise of the Equation Group with publication of some of the group\’s tools for breaching the network perimeter. But as it turns out, many of the exploits have been known for … Continue reading Protecting the Perimeter: Old Attacks Work Just as Well as New Ones

Attacking SS7: Mobile Operators Security Analysis

The interception of calls is quite a challenging task, but not only intelligence services can pull it off. A subscriber may become a victim of an average hacker who is familiar with the architecture of signaling networks. Commonly known SS7 vulnerabilities allow for the interception of phone calls and texts, can reveal a subscriber’s location, and can disconnect a mobile device from a network. In … Continue reading Attacking SS7: Mobile Operators Security Analysis