Category Archives: Security

12 Sep

Email Header Analysis – Find out Received Email is Genuine or Spoofed

Email is a business critical asset.Altering email header to make the message appear to come from somewhere other than the actual source is a fraudulent email. If the spam filter is bypassed a receiving the mail to inbox can be the critical impact to the organization.This makes an organization open door to attacks like social

Read More
12 Sep

Microsoft Released Security Patch for for 17 Critical Vulnerabilities

Just a few moments ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity. This month’s security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office, ChakraCore, .NET

Read More
10 Sep

Tor Browser Zero-Day Exploit Revealed Online – Patch Now

Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous browsing software that could reveal your identity to the sites you visit. In a Tweet, Zerodium shared a zero-day vulnerability that resides in the NoScript

Read More
10 Sep

Exploiting the Obvious: Bluetooth Trust Relationships

Introduction Trust is a tricky thing. If you trust the wrong people or the wrong things, you might get into trouble. That is the reason why it is generally a good idea to reconsider one’s trust relationships from time to time, because the assumptions these trust relationships are based on may not be true anymore,

Read More
07 Sep

Lynis – Linux Auditing Tool

Lynis is an open source security auditing tool. Its main goal is to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks. Examples include searching for installed software and determine possible configuration flaws. Many tests are part of common security guidelines and standards, with on top

Read More
04 Sep

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable Socks4 proxy maliciously, allowing attackers to actively eavesdrop on the targeted network traffic since mid-July. The vulnerability in question is Winbox Any Directory File Read (CVE-2018-14847) in MikroTik routers

Read More
31 Aug

Maltego

Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet. Maltego uses the idea of transforms to automate the process of querying different data sources. This information is then displayed

Read More
30 Aug

Telegram updated its policy

on Tuesday, the company published a new privacy policy in which it stated: “If Telegram receives a court order that confirms you’re a terror suspect, we may disclose your IP address and phone number to the relevant authorities.” “So far, this has never happened,” the policy noted. “When it does, we will include it in

Read More
10 Aug

Darik’s Boot and Nuke (DBAN)

Darik’s Boot and Nuke (“DBAN”) is a self-contained boot image that securely wipes the hard disks of most computers. DBAN is appropriate for bulk or emergency data destruction.

Read More